- Publishing a policy of our own. It's a bit more complicated than expected requiring both a DNS record and an HTTPS endpoint in a predefined domain name (mta-sts.wikimedia.org) and URL (/.well-known/mta-sts.txt), but it's probably a day or two's worth of effort.
- Getting reporting for TLS failures, especially if we originally deploy in testing mode. That's described separately in another draft RFC, TLSRPT and has the same complexities as the DMARC reporter stuff, so it should probably be tackled together.
- Obeying others' MTA-STS policies. That will likely need Exim support and is right now non-trivial. Exim's documentation says on the subject: Exim has no support for MTA-STS as a client […]
Removing task assignee due to inactivity, as this open task has been assigned to the same person for more than two years (see the emails sent to the task assignee on Oct27 and Nov23). Please assign this task to yourself again if you still realistically [plan to] work on this task - it would be welcome.
(See https://www.mediawiki.org/wiki/Bug_management/Assignee_cleanup for tips how to best manage your individual work in Phabricator.)