Add MTA-STS in selfhosted
Summary
Add MTA-STS for improved email security.
Description
Actually there is no authentication of a selfhosted email server (DANE or MTA-STS).
So, they are vulnerable to a MITM attack.
As DNSSEC is outside of scope for selfhosted, our best bet will be MTA-STS (DANE requires DNSSEC).
Further reading here for example: https://www.hardenize.com/blog/mta-sts.
Examples
Guarantee selfhosted authentication, protect against MITM attacks.
PoC here: https://community.e.foundation/t/howto-activate-mta-sts-for-self-hosted-e-cloud/20392
Validation
Online tests passed successfully.