RFC 7672 is a RFC
describing SMTP Security
via Opportunistic DNS-Based Authentication of Named Entities
) Transport Layer Security
We refer you to the full text.
RFC 7672 implementations are protected from StartTLS Downgrade Attack.
There might be more information for this subject on one of the following: