Jeremy Harris via Exim-users writes > On 11/06/2019 05:12, Thomas Krichel via Exim-users wrote: > > I have an issue that has a similar feel to it. It's with a host of > > Germanic providers gmx.de, gmx.at, web.de, mailbox.org ... > > > > 2019-03-25 09:00:08 1h8LSh-0001oy-Uy DANE attempt failed; TLS connection > > to mx-ha03.web.de [212.227.15.17]: (certificate verification failed): TLSA > > record problem: There was error initializing the DNS query. > > It'd be useful to know whether this DNS access is being done by > Exim of by the GnuTLS library. Would it be possible to get debug > output for a sample?
If I knew how to make this, sure. I'm trying with cat /home/ernad/test.mail | /usr/sbin/exim4 -t -d tls > /tmp/debug_tls.out 2> /tmp/debug_tls.err I'm posting it at http://openlib.org/home/krichel/tls.txt > What about a packet capture, for the same sample? It turns out that now gmail are not taking my mail anymore since Sunday. I become aware of this this morning. It maybe the earlier failure is related to the current one. One thing pretty much for sure, I have aonther server, amorp.openlib.org, the one I am writing now from, where I have the same exim.key and exim.crt files, same owners, same permissions, same exim version, and I don't have a problem there. Now I'm supposed to head out to the beach for a barbecue when I'd rather stay in and debug this further ;-( -- Cheers, Thomas Krichel http://openlib.org/home/krichel skype:thomaskrichel -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/