
DNSSEC, and DANE support

Open GreenBeard opened this issue 2 years ago • 4 comments

I'm not an expert on email, but my basic understanding is that normally server-to-server emails aren't very secure, and that, as certain features of DMARC, DKIM, and SPF rely upon accurate DNS records, they are vulnerable to the many attacks against DNS infrastructure unless DNSSEC is used. Further, my understanding of server-to-server email encryption is that it is by default opportunistic, and therefore vulnerable to downgrade attacks. I would also therefore like to request support for DANE to ensure that no one can read email messages in transit between servers (for example, Microsoft is slowly adding support for this to the emails that they manage: https://techcommunity.microsoft.com/t5/exchange-team-blog/releasing-outbound-smtp-dane-with-dnssec/ba-p/3100920).

I apologize if this should really be separated into two issues instead of one (I can do that if you want, or feel free to do it yourself). The issues seemed connected enough to be worth posting together to me.

Edit: see https://dnsviz.net/d/purelymail.com/dnssec/

GreenBeard, Jul 17 '22 20:07
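The difference between opportunistic STARTTLS and DANE that the issue above refers to, as an added example (not code from the issue or from Purelymail): a simplified model of the sending-side decision described in RFC 7672, restricted to DANE-EE (usage 3) records. The names `TLSA`, `tlsa_matches` and `decide` are hypothetical, and the certificate and key bytes are constructed placeholders rather than real DER.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class TLSA:
    usage: int     # 3 = DANE-EE; the only usage this sketch evaluates
    selector: int  # 0 = full certificate, 1 = SubjectPublicKeyInfo
    mtype: int     # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes

def tlsa_matches(rec, cert_der, spki_der):
    """True if a DANE-EE record matches the server's leaf certificate."""
    if rec.usage != 3 or rec.selector not in (0, 1):
        return False
    selected = cert_der if rec.selector == 0 else spki_der
    if rec.mtype == 0:
        return selected == rec.data
    algo = {1: hashlib.sha256, 2: hashlib.sha512}.get(rec.mtype)
    return algo is not None and algo(selected).digest() == rec.data

def decide(dns_status, tlsa_rrset, starttls_offered, cert_der=b"", spki_der=b""):
    """Return 'plaintext', 'tls-unauthenticated', 'tls-dane' or 'defer'.

    dns_status is the DNSSEC validation result of the TLSA lookup:
    'secure', 'insecure' (unsigned zone) or 'bogus' (validation failed).
    """
    if dns_status == "bogus":
        return "defer"                      # never fall back on failed validation
    if dns_status == "secure" and tlsa_rrset:
        if not starttls_offered:
            return "defer"                  # STARTTLS stripped: refuse to downgrade
        ok = any(tlsa_matches(r, cert_der, spki_der) for r in tlsa_rrset)
        return "tls-dane" if ok else "defer"
    # No authenticated TLSA records: plain opportunistic TLS.
    return "tls-unauthenticated" if starttls_offered else "plaintext"

# Constructed sample input (placeholder bytes, not real DER).
LEAF_CERT = b"constructed-leaf-certificate"
LEAF_SPKI = b"constructed-leaf-public-key"
ROGUE_SPKI = b"constructed-other-public-key"
RRSET = [TLSA(3, 1, 1, hashlib.sha256(LEAF_SPKI).digest())]

if __name__ == "__main__":
    print(decide("insecure", [], False))                         # plaintext
    print(decide("secure", RRSET, False))                        # defer
    print(decide("secure", RRSET, True, LEAF_CERT, ROGUE_SPKI))  # defer
    print(decide("secure", RRSET, True, LEAF_CERT, LEAF_SPKI))   # tls-dane
```

Without DNSSEC the TLSA answer cannot be trusted, so the sender is back in the first branch of opportunistic behaviour; this is why the two requests in the issue depend on each other.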