EOP-164: add support pages for MTA-STS in Momentum #760
Conversation
✅ Deploy Preview for support-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
| @@ -0,0 +1,27 @@ | |||
| --- | |||
There was a problem hiding this comment.
On this page, clicking the mta-sts link in the breadcrumb gives me a 404. Can we fix it? Please review breadcrumbs in all new pages.
content/momentum/4/mta-sts.md
Outdated
|
|
||
| ### Example 1: Recipient domain enforces MTA-STS and MX is allowed as per the MTA-STS policy | ||
|
|
||
| > **MTA-STS policy retrieved from https://mta-sts.domain.com/.well-known/mta-sts.txt** |
There was a problem hiding this comment.
(nit) These (bogus) links show up as links in the doc. Is there a way to defeat that (e.g. by marking as code?), or do we care?
| - [mta_sts_dns_cname_max_depth](/momentum/4/config/mta-sts/mta-sts-dns-cname-max-depth) | ||
| - [mta_sts_policy_store](/momentum/4/config/mta-sts/mta-sts-policy-store) | ||
|
|
||
| ## Related [Debug_Flags](/momentum/4/config/ref-debug-flags) |
There was a problem hiding this comment.
In this page, the default list for ERROR and CRITICAL list most but not all of the types, plus ALL. IMO, it should just say ALL.
There was a problem hiding this comment.
I consider it serves not only "default" settings, but an example of listing the logging of interest. A partial list + ALL won't change the final value of the "default".
The page lists some there and followed by
Use ALL instead of listing each service debug flag.
I don't have a strong opinion to change it.
content/momentum/4/mta-sts.md
Outdated
| checks and encryption for delivering email. RFC 8461 describes the use of MTA-STS for improving | ||
| SMTP security between MTAs. | ||
|
|
||
| If the per-domain config option [use_mta_sts](/momentum/4/config/mta-sts/use-mta-sts) is set to `true`, |
There was a problem hiding this comment.
This seems to ignore the global-level option. Maybe "global or per-domain"?
|
|
||
| When this option is `true`, the MTA-STS policy mode will be considered along with the configuration | ||
| values for [TLS](/momentum/4/config/ref-tls) and [TLS_Verify](/momentum/4/config/tls-verify). | ||
| The more strict policy will apply. E.g. When the MTA-STS policy mode is `enforce`, regardless the |
| When the MTA-STS policy mode is `none`, the policy will be ignored and the configuration values for | ||
| `TLS` and `TLS_Verify` will be respected. | ||
|
|
||
| The default value is `true` when the domain level `use_mta_sts` is `true`. |
There was a problem hiding this comment.
how about "when use_mta_sts is true for a domain"?
| <a name="config.use-mta-sts"></a> | ||
| ## Name | ||
|
|
||
| use_mta_sts — specify whether Momentum should do MTA-STS policy fetching for a domain or not |
There was a problem hiding this comment.
IMO, the "or not" is implied and not needed
| @@ -44,6 +44,8 @@ description: "This section documents all the non module specific console command | |||
| | [message fail quiet](/momentum/4/console-commands/message-fail-quiet) | fail a message and do not create a non-delivery receipt (NDR) | | |||
| | [message retry](/momentum/4/console-commands/message-retry) | perform an immediate delivery attempt on a message | | |||
| | [module](/momentum/4/console-commands/4-module) | manage loaded modules online | | |||
| | [mta_sts](/momentum/4/console-commands/mta_sts) | commands to display and manage MTA-STS policy for a domain | | |||
| | [\pager](/momentum/4/console-commands/pager) | Page output of long console commands in the console. | | |||
| @@ -0,0 +1,100 @@ | |||
| --- | |||
There was a problem hiding this comment.
Kris had raised an issue on slack about the new feature not being searchable. Let's see if the issue gets resolved just by the virtue of merging the PR into main. If not, we'll have to revisit and seek help if needed.
|
|
||
| ## Scope | ||
|
|
||
| `mta_sts_dns_cname_max_depth` is valid in the global scope. |
| `mta-sts show domain {domain name}` | ||
|
|
||
| `mta-sts refresh policy {domain name}` |
There was a problem hiding this comment.
typo, should be "mta_sts"
What Changed
How To Test or Verify
PR Checklist
Below are some checklists to follow for the correct procedure in different circumstance. The first list ("All PRs Checklist") should be followed for ALL PRs. The next 2 are additive to this list depending on what type of PR you are using.
For example: If you are submitting a content change to one of the support documents, your checklist would include the:
If you are submitting a feature addition, enhancement, or bug fix, your checklist would include the:
All PRs Checklist
team-FEorteam-SAZ)Content Changes Checklist
examples/article.mdin the root of the project directory and on the momentum doc's preface articleDevelopment Changes Checklist (some checks are automatic github actions and will not be listed here. ie. "all tests pass")
cypress/directory in the root of the project