On 9 Aug 2022, at 10:27, Tobias Fiebig via mailop wrote: > This is interesting. The certificate for tls-invalid should a) not match the > CN, and b) be expired. The ": b'84:OK secure > match=tls-invalid.measurement.email-security-scans.org servername=hostname,'" > is hence a bit confusing. Also just tested it with 'openssl s\_client > -starttls smtp -crlf -connect > tls-invalid.measurement.email-security-scans.org:25' just now, and the CN > does indeed not match.
https://esmtp.email/tools/mta-sts/ also is reporting on a missing DNS policy. The cert is reported as expired as well. -lem _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
