Heho, Thanks! Looks promising or rather working. :-) I am currently dealing with a major ESP for some reason not finding my policies... Will come back to the list as soon as the web/selftest interface is ready. :-)
With best regards, Tobias -----Original Message----- From: mailop <mailop-boun...@mailop.org> On Behalf Of Alessandro Vesely via mailop Sent: Wednesday, 10 August 2022 18:55 To: mailop@mailop.org Subject: Re: [mailop] Debugging MTA-STS sending On Tue 09/Aug/2022 12:23:51 +0200 Tobias Fiebig via mailop wrote: > > I am currently trying to debug a test for MTA-STS sending; The setup is a > domain with an MX with an invalid certificate to test whether MTA-STS > policies are honord (if they are, no mail should be received). I tested this > last night with an ESP I know should be honoring MTA-STS; However, while the > policy was retrieved from the webserver, the email got ultimately delivered. > I also did not get an MTA-STS TLS-RPT, even though other domains got them > from the same ESP today. > > Could some of you who are on a setup that validates MTA-STS please try to > send me an email to, and if it (hopefully) fails share the NDR?: > > measurem...@mail-mtasts.measurement.email-security-scans.org Here's the warning I've received thus far, using Courier-MTA: --------------------------------------------------------------------------- DELAYS IN DELIVERING YOUR MESSAGE The delivery of the following E-mail message has been delayed. This is an advisory notice only; it is sent only to notify you about a temporary delay in delivering your message. You DO NOT need to do anything at this time. Additional attempts to deliver your message will be made. Some possible reasons for this delay: * Network congestion or failure. * The destination mail server is temporarily off-line. Diagnostic information is provided below for each recipient. If copies of this message were sent to additional recipients, deliveries to those addresses are not included in this notice. This is an advisory notice for the following addresses only: <measurem...@mail-mtasts.measurement.email-security-scans.org>: tls-invalid.measurement.email-security-scans.org [195.191.197.90]: >>> STARTTLS <<< 400 Invalid peer certificate --------------------------------------------------------------------------- If your message was also sent to additional recipients, their delivery status is not included in this report. You may or may not receive other delivery status notifications for additional recipients. The original message follows as a separate attachment. --=_courier_0 Content-Type: message/delivery-status Content-Transfer-Encoding: 7bit Reporting-MTA: dns; wmail.tana.it Arrival-Date: Wed, 10 Aug 2022 09:55:52 +0200 Received-From-MTA: dns; [172.25.197.111] (pcale.tana [172.25.197.111]) Final-Recipient: rfc822; measurem...@mail-mtasts.measurement.email-security-scans.org Action: delayed Status: 4.0.0 Will-Retry-Until: Wed, 17 Aug 2022 09:55:52 +0200 --=_courier_0 Content-Type: text/rfc822-headers; charset="utf-8" Content-Transfer-Encoding: 7bit [DELETED] --=_courier_0-- Best Ale -- _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop