On Sat, Nov 18, 2023 at 04:33:46PM +0900, Byung-Hee HWANG via Postfix-users wrote:
> > or if you prefer: > > > > _25._tcp.mx1.org.example. IN CNAME _25._tlsa.org.example. > > _25._tcp.mx2.org.example. IN CNAME _25._tlsa.org.example. > > ... > > _25._tcp.mxN.org.example. IN CNAME _25._tlsa.org.example. > > ; > > _25._tlsa.org.example. IN TLSA 2 1 1 > > 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d ; R3 > > _25._tlsa.org.example. IN TLSA 2 1 1 > > e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 ; R4 > > _25._tlsa.org.example. IN TLSA 2 1 1 > > 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 ; E1 > > _25._tlsa.org.example. IN TLSA 2 1 1 > > bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 ; E2 > > Thank you for the clear summary. I did update all again. > Good job, you're set until some future change a few years down the line. _25._tcp.yw-0919.doraji.xyz. IN CNAME rfc7671.doraji.xyz. _25._tcp.yw-1204.doraji.xyz. IN CNAME rfc7671.doraji.xyz. rfc7671.doraji.xyz. IN TLSA 2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d rfc7671.doraji.xyz. IN TLSA 2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 rfc7671.doraji.xyz. IN TLSA 2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 rfc7671.doraji.xyz. IN TLSA 2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 It may be prudent to mark your calendar to check the Let's Encrypt certificate page once or twice a year, and make appropriate changes if new intermediate issuer CAs are introduced, or extant ones retired. https://letsencrypt.org/certificates/ -- Viktor. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org