DANE-enabled SMTP test destination?

Viktor Dukhovni ietf-dane at dukhovni.org
Wed Apr 8 20:02:23 CEST 2015


On Wed, Apr 08, 2015 at 05:36:03PM +0000, Kevin San Diego wrote:

> Does anyone know of an SMTP+DANE email reflector address where you can
> send test email to in order to validate proper SMTP client DANE behavior?

What do you want the "reflector" to do?  The "sink at dane.sys4.de"
address will accept email, and your Postfix logs for a probe DSN
report will show whether TLS verification for that domain succeeded.

    $ sendmail -f postfix-users at dukhovni.org -bv sink at dane.sys4.de
    Mail Delivery Status Report will be mailed to <postfix-users at dukhovni.org>.

The attached DSN report shows the message queue-id, and the logs (find my
"collate" perl script in the list archives) show.

    Apr  8 17:47:22 mournblade postfix/pickup[25416]: 96F7F283034: uid=1034 from=<postfix-users at dukhovni.org>
    Apr  8 17:47:22 mournblade postfix/cleanup[24430]: 96F7F283034: message-id=<20150408174722.96F7F283034 at mournblade.imrryr.org>
    Apr  8 17:47:22 mournblade postfix/qmgr[8720]: 96F7F283034: from=<postfix-users at dukhovni.org>, size=302, nrcpt=1 (queue active)
    Apr  8 17:47:25 mournblade postfix/smtp[9856]: Verified TLS connection established to dane.sys4.de[194.126.158.134]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
    Apr  8 17:47:25 mournblade postfix/smtp[9856]: 96F7F283034: to=<sink at dane.sys4.de>, relay=dane.sys4.de[194.126.158.134]:25, delay=2.8, delays=0.04/0.02/2.7/0.14, dsn=2.1.5, status=deliverable (250 2.1.5 Ok)
    Apr  8 17:47:25 mournblade postfix/bounce[26846]: 96F7F283034: sender delivery status notification: 84EBC283035
    Apr  8 17:47:25 mournblade postfix/qmgr[8720]: 96F7F283034: removed

This was "Verified" so DANE worked as expected.  Don't know of any
SMTP domains with deliberately broken TLSA records for test purposes
that should fail.

I don't think I should publish any of the (short) list of domains
that are broken through negligence as appropriate targets of public
tests.

-- 
	Viktor.
-------------- next part --------------
An embedded message was scrubbed...
From: MAILER-DAEMON at imrryr.org (Mail Delivery System)
Subject: Mail Delivery Status Report
Date: Wed,  8 Apr 2015 17:47:25 +0000 (UTC)
Size: 1900
URL: <https://mail.sys4.de/cgi-bin/mailman/private/dane-users/attachments/20150408/b8cf0c63/attachment.mht>


More information about the dane-users mailing list