Re: Testing DANE

2014-12-01 Thread James Cloos
> "DS" == Dirk Stöcker writes: DS> - GnuTLS and OpenSSL both give an unspecified error (could this be DS> due to missing SNI support?). gnutls-cli says: , | Status: The certificate is NOT trusted. The certificate issuer is | unknown. The name in the certificate does not match the expect

Re: Testing DANE

2014-11-28 Thread Wietse Venema
Dirk Stöcker: > For some subdomains when switching from catchall to individual settings I > simply set a CNAME to another name with correct MX settings > > name.domain.tld --> mail.domain.tld (containing A, and MX) > > It worked for many servers, but some started to deliver mail to > u...@m

Re: Testing DANE

2014-11-27 Thread Dirk Stöcker
On Thu, 27 Nov 2014, Viktor Dukhovni wrote: which shows a non-broken DoE response, so it looks your domain is all set. Though sometimes the issue is triggered by a wildcard at the zone apex ("*.example.com") that is incorrectly applied to I stopped using wildcards for my active used domains. T

Re: Testing DANE

2014-11-27 Thread Viktor Dukhovni
On Thu, Nov 27, 2014 at 10:12:01AM +0100, Dirk Stöcker wrote: > after nearly a year I was now able to setup a testing domain which supports > DANE with a German domain provider. Now I'm in the testing stage to see if I > did everything right. > > DNSSEC-validation is fine: > http://dnssec-debugge

Re: Testing DANE

2014-11-27 Thread Patrick Ben Koetter
* Dirk Stöcker : > Hello, > > after nearly a year I was now able to setup a testing domain which > supports DANE with a German domain provider. Now I'm in the testing > stage to see if I did everything right. > > DNSSEC-validation is fine: > http://dnssec-debugger.verisignlabs.com/cryptedmail.eu

Testing DANE

2014-11-27 Thread Dirk Stöcker
Hello, after nearly a year I was now able to setup a testing domain which supports DANE with a German domain provider. Now I'm in the testing stage to see if I did everything right. DNSSEC-validation is fine: http://dnssec-debugger.verisignlabs.com/cryptedmail.eu DANE/TLSA existence is fine:

Re: Testing DANE-enabled smtp client

2014-11-15 Thread Tom Hendrikx
On 15-11-14 00:00, Viktor Dukhovni wrote: > On Fri, Nov 14, 2014 at 10:58:08PM +0100, Tom Hendrikx wrote: > >> Nov 14 22:55:56 hostname postfix-out/smtp[11505]: Verified TLS >> connection established to mail.sys4.de[2001:1578:400:111::7]:25: >> TLS

Re: Testing DANE-enabled smtp client

2014-11-14 Thread Viktor Dukhovni
On Fri, Nov 14, 2014 at 10:58:08PM +0100, Tom Hendrikx wrote: > Nov 14 22:55:56 hostname postfix-out/smtp[11505]: Verified TLS > connection established to mail.sys4.de[2001:1578:400:111::7]:25: TLSv1 > with cipher ECDHE-RSA-AES256-SHA (256/256 bits) > Nov 14 22:55:57 hostname postfix-out/smtp[1150

Re: Testing DANE-enabled smtp client

2014-11-14 Thread Tom Hendrikx
On 14-11-14 22:27, Viktor Dukhovni wrote: > On Fri, Nov 14, 2014 at 10:01:02PM +0100, Tom Hendrikx wrote: > >> One notable difference between posttls-finger and postfix (as >> described in the documentation) is that postfix would only use >> the TL

Re: Testing DANE-enabled smtp client

2014-11-14 Thread Viktor Dukhovni
On Fri, Nov 14, 2014 at 10:01:02PM +0100, Tom Hendrikx wrote: > One notable difference between posttls-finger and postfix (as > described in the documentation) is that postfix would only use the > TLSA record for deciding on a "verified" connection when the resolver > is running on localhost, whil

Re: Testing DANE-enabled smtp client

2014-11-14 Thread Wietse Venema
Tom Hendrikx: > Hi, > > I configured my mailserver to use DANE for outbound mail whenever > possible, but I am having a hard time in verifying that this actually > works. > > When I use posttls-finger from the machine, it indicates "Verified TLS > connection establ

Re: Testing DANE-enabled smtp client

2014-11-14 Thread Patrick Ben Koetter
* Tom Hendrikx : > I configured my mailserver to use DANE for outbound mail whenever > possible, but I am having a hard time in verifying that this actually > works. > > When I use posttls-finger from the machine, it indicates "Verified TLS > connection established" when i point to a few mxen that

Testing DANE-enabled smtp client

2014-11-14 Thread Tom Hendrikx
Hi, I configured my mailserver to use DANE for outbound mail whenever possible, but I am having a hard time in verifying that this actually works. When I use posttls-finger from the machine, it indicates "Verified TLS connection established" when I