Comcast - Outbound DANE Announcement (comcast.net)
Alexander_Brotman at comcast.com
Tue Jul 18 22:10:00 CEST 2017
Some time ago, Comcast rolled out TLSA records for senders to utilize when sending to "comcast.net" recipients, allowing senders to authenticate the certificates presented by our MTAs. In continuing support for DANE, we intend to deploy pilot code for outbound DANE this week, allowing us to do the same for traffic coming from our platform destined for other sites. We will pilot this with a few chosen domains that we've contacted and have made aware of our plans. Once we feel more comfortable with this, we will remove the restrictions and attempt DANE for all destination domains (with an exemption list for known-broken destination domains). If you would like to submit your domain to be part of the pilot, please drop me a note off-list.
Sr. Engineer, Anti-Abuse
More information about the dane-users