wbreyha at gmx.net
Mon Jan 19 12:49:27 CET 2015
On 19/01/15 12:26, Felix Eckhofer wrote:
> Am 19.01.2015 12:15, schrieb Wolfgang Breyha:
>> One of our users tried to send mail to the domain education.lu.
>> Exim refuses to talk to those hosts at all with "failure while setting up
>> TLS session". Is this expected behavior in terms of DANE-SMTP? What's
>> postfix doing in this case?
> Postfix (2.11.2) seems to be able to talk to education.lu just fine:
Postfix doesn't honor 3.1.3 of the latest DANE-SMTP draft then?
"...SMTP client treatment of TLSA RRs with certificate usages PKIX-TA(0)
or PKIX-EE(1) is undefined. SMTP clients should generally treat such
TLSA records as unusable."
Wolfgang Breyha <wbreyha at gmx.net> | http://www.blafasel.at/
Vienna University Computer Center | Austria
More information about the dane-users