[Operators] requiring channel encryption

[Kevin Smith]

On Wed, Apr 30, 2008 at 1:54 PM, Jonathan Schleifer <js-xog at webkeks.org> wrote:
>  What about this as a solution: At the firewall level, route those
>  servers that don't support TLS to the other s2s and let traffic from
>  all other IPs be routed to the s2s that requires TLS. That way you
>  won't even need SRV records!

You still need the usual SRV record, just not the second one. This
will work fine, though :)

/K