On Sat, Mar 16, 2024 at 11:04:46PM +0100, Dirk Stöcker via Postfix-users wrote:
> From the server which has the local name server the answer has the
> aa flag, but not the ad flag.
That's expected when the nameserver in question is authoritative for the
requested domain, no DNSSEC validation is
Hello,
DANE TLSA records are strictly enforced when "well-formed", where
well-formed also requires a plausible TLSA "associated data" field
(expected length for SHA2-256 and SHA2-512 digests and valid DER
encoding of certs or keys for matching type Full(0)).
That's what I did expect. Starting
On 2024-03-15 at 14:11:03 UTC-0400 (Fri, 15 Mar 2024 13:11:03 -0500)
Matt Saladna via Postfix-users
is rumored to have said:
Hello,
I'm seeking a workaround for Microsoft's litany of IPs landing on
DNSBL. They'd like all mail irrespective of DNSBL status to be
delivered, which requires a