Hello, I have started a migration to a new MX recently and I have discovered that new MX rejects mx.mailop.org early due to DNS failure. As I can see now, it is related to DNSSEC problems (at a new machine, I have DNSSEC restricted from downgrading). I have checked if it is my resolver being faulty but no, I am able to replicate this problem using Cloudflare DoH:
$ curl --silent --http2 --header "accept: application/dns-json" "https://1.1.1.1/dns-query?name=mx.mailop.org"; | jq . { "Status": 2, "TC": false, "RD": true, "RA": true, "AD": false, "CD": false, "Question": [ { "name": "mx.mailop.org", "type": 1 } ], "Comment": [ "EDE(7): Signature Expired for DNSKEY dnssec.works., id = 41779: RRSIG dnssec.works., expiration = 1721570770", "EDE(18): Prohibited" ] }
-- Send unsolicited bulk mail to carl...@at.encryp.ch _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
