diff --git a/docs/autodiscovery.rst b/docs/autodiscovery.rst index a630850..34ef3d6 100644 --- a/docs/autodiscovery.rst +++ b/docs/autodiscovery.rst @@ -1,18 +1,73 @@ Autodiscovery ============= -`RFC6186 `_ allows supporting email clients to automatically discover SMTP / IMAP addresses -of the mailserver. For that, the following records are required: +`RFC6186`_ defines how email clients can automatically discover a mail server's +SMTP and IMAP endpoints. To enable this, the following DNS records must be +configured: -================= ==== ==== ======== ====== ==== ================= -Record TTL Type Priority Weight Port Value -================= ==== ==== ======== ====== ==== ================= -_submission._tcp 3600 SRV 5 0 587 mail.example.com. -_submissions._tcp 3600 SRV 5 0 465 mail.example.com. -_imap._tcp 3600 SRV 5 0 143 mail.example.com. -_imaps._tcp 3600 SRV 5 0 993 mail.example.com. -================= ==== ==== ======== ====== ==== ================= +.. csv-table:: Resource record set + :header: "Name", "TTL", "Type", "Priority", "Weight", "Port", "Value" + :widths: 30, 5, 5, 5, 5, 5, 20 -Please note that only a few MUAs currently implement this. For vendor-specific -discovery mechanisms `automx `_ can be used instead. + _submissions._tcp.example.com., 3600, SRV, 10, 1, 465, mail.example.com. + _imaps._tcp.example.com., 3600, SRV, 10, 1, 993, mail.example.com. + +Legacy records +^^^^^^^^^^^^^^ + +The following DNS records are only supported with +:option:`mailserver.enableSubmission` and :option:`mailserver.enableImap`, +because they only support connections with explicit TLS. These services are +disabled by default because they are deprecated through `RFC8314 4.1`_. + +.. csv-table:: Resource record set + :header: "Name", "TTL", "Type", "Priority", "Weight", "Port", "Value" + :widths: 30, 5, 5, 5, 5, 5, 20 + + _submission._tcp.example.com., 3600, SRV, 20, 1, 587, mail.example.com. + _imap._tcp.example.com., 3600, SRV, 20, 1, 143, mail.example.com. + +Client support +^^^^^^^^^^^^^^ +*As researched in March 2026* + +Only a small number of MUAs currently implement this. The most common concern +from the bigger and security-conscious vendors is lack of widespread DNSSEC +propagation that could be used to authenticate these SRV records. + +- Aerc: since 0.20.1 + + - ``_submissions._tcp`` support submitted in https://lists.sr.ht/~rjarry/aerc-devel/patches/68173 + +- Evolution: Since 3.49.3 for mail accounts + + - https://gitlab.gnome.org/GNOME/evolution/-/wikis/Autoconfig + - https://gitlab.gnome.org/GNOME/evolution/-/issues/941 + +Unsupported +*********** +- DeltaChat: + + - https://github.com/chatmail/core/issues/1508 + +- Thunderbird: + + - Desktop: https://bugzilla.mozilla.org/show_bug.cgi?id=342242 + - Android: https://github.com/thunderbird/thunderbird-android/issues/4721 + + +Vendor-specific autoconfig +^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The `automx2`_ service can provide autoconfig support for Apple's +`mobileconfig`_, Microsoft's `Autodiscover`_ and Mozilla's `Autoconfig`_ +standards. It does however lack support for multiple mail domains and isn't open for +contributions due to copyright concerns. + +.. _mobileconfig: https://support.apple.com/de-de/guide/profile-manager/pmdbd71ebc9/mac +.. _Autodiscover: https://learn.microsoft.com/en-us/exchange/architecture/client-access/autodiscover?view=exchserver-2019 +.. _Autoconfig: https://benbucksch.github.io/autoconfig-spec/draft-ietf-mailmaint-autoconfig.html +.. _automx2: https://github.com/rseichter/automx2 +.. _RFC6186: https://www.rfc-editor.org/rfc/rfc6186 +.. _RFC8314 4.1: https://www.rfc-editor.org/rfc/rfc8314#section-4.1