Opportunistic_tls_reconnect_on_failed_handshake, default true|false?

Hi, quick question on opportunistic_tls_reconnect_on_failed_handshake.

In a scenario where the customer base includes major mailbox providers but also many small self-managed MTAs and flaky STARTTLS/TLS, enabling this fallback by default seems useful to avoid failures when plain SMTP would work, and to avoid having to add per-domain overrides as each problematic domain appears.

So in defaults use:

opportunistic_tls_reconnect_on_failed_handshake = true
remember_broken_tls = 'X days'

Are there any notable side effects in the field (e.g., unexpected behavior, latency, memory consumption, number of sockets problem, connection leak, …)?

Any advice appreciated.

So this mainly comes down to keeping the defaults as close to RFC as possible and not about resource issues. That said, I do think I’ll look at adding a section to the defaults file that is commented out with instructions on how most people will want to uncomment it.