education.lu

Felix Eckhofer felix at tribut.de
Mon Jan 19 12:26:38 CET 2015 

Hey.

Am 19.01.2015 12:15, schrieb Wolfgang Breyha:
> One of our users tried to send mail to the domain education.lu.
> [...]
> Exim refuses to talk to those hosts at all with "failure while setting 
> up
> TLS session". Is this expected behavior in terms of DANE-SMTP? What's
> postfix doing in this case?

Postfix (2.11.2) seems to be able to talk to education.lu just fine:

posttls-finger: using DANE RR: _25._tcp.smtpgate2.restena.lu IN TLSA 1 0 
2 
75:12:52:FD:4B:22:7D:40:A0:FA:D1:D3:AB:3D:4B:67:49:49:D8:4E:8B:B9:9B:08:14:CC:08:27:5F:66:6C:1C:9C:92:67:B6:F5:F6:86:EA:D2:19:39:B8:1F:1E:2B:90:CE:7C:24:06:F3:2E:70:E0:BD:1D:44:BC:B6:10:00:4E
posttls-finger: Connected to smtpgate2.restena.lu[158.64.1.59]:25
posttls-finger: < 220 smtpgate2.restena.lu ESMTP
posttls-finger: > EHLO metis.tribut.de
posttls-finger: < 250-smtpgate2.restena.lu
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-SIZE 29622272
posttls-finger: < 250-STARTTLS
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250 8BITMIME
posttls-finger: > STARTTLS
posttls-finger: < 220 2.0.0 Ready to start TLS
posttls-finger: smtpgate2.restena.lu[158.64.1.59]:25: depth=0 matched 
end entity certificate sha512 digest 
75:12:52:FD:4B:22:7D:40:A0:FA:D1:D3:AB:3D:4B:67:49:49:D8:4E:8B:B9:9B:08:14:CC:08:27:5F:66:6C:1C:9C:92:67:B6:F5:F6:86:EA:D2:19:39:B8:1F:1E:2B:90:CE:7C:24:06:F3:2E:70:E0:BD:1D:44:BC:B6:10:00:4E
posttls-finger: smtpgate2.restena.lu[158.64.1.59]:25: Matched 
subjectAltName: *.restena.lu
posttls-finger: smtpgate2.restena.lu[158.64.1.59]:25: subjectAltName: 
restena.lu
posttls-finger: smtpgate2.restena.lu[158.64.1.59]:25 CommonName 
*.restena.lu
posttls-finger: smtpgate2.restena.lu[158.64.1.59]:25: 
subject_CN=*.restena.lu, issuer_CN=GlobalSign Organization Validation CA 
- SHA256 - G2, 
fingerprint=ED:82:8A:81:32:90:E5:1F:94:39:15:5D:49:DE:2A:5A:40:5B:1F:51, 
pkey_fingerprint=2A:D8:19:E7:7E:C3:5D:06:4D:5E:5C:D9:49:D3:25:2F:31:82:43:D3
posttls-finger: Verified TLS connection established to 
smtpgate2.restena.lu[158.64.1.59]:25: TLSv1.2 with cipher 
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
posttls-finger: > EHLO metis.tribut.de
posttls-finger: < 250-smtpgate2.restena.lu
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-SIZE 29622272
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250 8BITMIME
posttls-finger: > QUIT
posttls-finger: < 221 2.0.0 Bye


Regards
felix

More information about the dane-users mailing list