On Sun, Dec 14, 2025 at 12:11:09PM +0700, Xavier Beaudouin via mailop wrote:
> A friend of mine told me he cannot reach me since few days. Looking on
> the logs I see that infomaniak seems to connect ot my mail server, but
> close directly the connection….
And not just infomaniak, any MTA that implements DANE outbound:
https://stats.dnssec-tools.org/explore/?oav.net
https://stats.dnssec-tools.org/explore/?6meat.fr
https://stats.dnssec-tools.org/explore/?6meat.net
https://stats.dnssec-tools.org/explore/?oav.bzh
https://stats.dnssec-tools.org/explore/?perfide.net
https://stats.dnssec-tools.org/explore/?qiwei.fr
https://stats.dnssec-tools.org/explore/?rislsi.com
https://stats.dnssec-tools.org/explore/?rislsi.eu
https://stats.dnssec-tools.org/explore/?rislsi.fr
https://stats.dnssec-tools.org/explore/?rislsi.net
https://stats.dnssec-tools.org/explore/?xn--lacon-qqa.fr
If you've implemented inbound DANE (published TLSA records for your MX
hosts) *without* or prior to implementing timely monitoring of the
correctness of said TLSA records, then you're doing it all wrong.
Unmonitored security is an oxymoron.
https://list.sys4.de/hyperkitty/list/[email protected]/message/6723WDBLPYWSXAORTAJR7EPAIOFAP5N4/
--
Viktor. 🇺🇦 Слава Україні!
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
