On Sun, Jan 23, 2022 at 10:44:23PM +0100, Joachim Lindenberg wrote:
> Thanks a lot! That´s the root cause. I added the CNAME to get LE to
> verify the certificate shared by the MX addresses - and I prefer
> CNAMEs to avoid double maintenance. I now exchanged CNAME with A and
> it worked (or
-users@postfix.org
Betreff: Re: no TLSA records found?
On Sun, Jan 23, 2022 at 10:13:17PM +0100, Joachim Lindenberg wrote:
> I am really wondering why it works for one domain and doesn´t for mine.
See: https://dnsviz.net/d/et.lindenberg.one/dnssec/
It appears that "et.lindenberg.one&quo
On Sun, Jan 23, 2022 at 10:13:17PM +0100, Joachim Lindenberg wrote:
> I am really wondering why it works for one domain and doesn´t for mine.
See: https://dnsviz.net/d/et.lindenberg.one/dnssec/
It appears that "et.lindenberg.one" is a CNAME for "io.lindenberg.one",
and it is not valid to have
r
>> AD=1
>A signed TLSA "3 1 1" record for "mx04".
Yes. I want to test some interoperability and error scenarios. The fact that
some of the TLSA records don’t match the certificates (whether LE or
self-signed) is not the issue, as postfix doesn´t connect.
>> When I send a m
SA 2 1 1
8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d ; NoError AD=1
More Let's Encrypt "R3" records for "mx05" and "mx06".
> When I send a mail from my postfix however, postfix reports “no TLSA
> records found“. Or full log entrie
ceiver).
When I send a mail from my postfix however, postfix reports “no TLSA records
found“. Or full log entries:
warning: TLS policy lookup for et.lindenberg.one/et.lindenberg.one: no TLSA
records found
49B4E0EAC: to=, relay=none, delay=49105,
delays=49104/0.04/0.51/0, dsn=4.7.5, status=de