Author: Felipe Gasper Date: To: exim users Subject: Re: [exim] SNI and DANE TLSA record monitoring
> On Oct 19, 2016, at 1:22 PM, Viktor Dukhovni <exim-users@???> wrote:
>
> I've
> yet to see a compelling reason for server-side SNI support. Do not
> go there, unless your back's against the wall...
>
Our reason went like this: many email clients will assume that “bob@???” uses either “foo.org” or “mail.foo.org” as a mail server.
When the only way to have working SSL is for the client to know about “shared49.somehost.where-is-this.com”, the client and server have to be smart enough to do autoconfig, or the user has to type that in manually. This makes for a worse user experience and increases support requests.