education.lu
James Cloos
cloos at jhcloos.com
Mon Jan 19 17:33:36 CET 2015
>>>>> "WB" == Wolfgang Breyha <wbreyha at gmx.net> writes:
WB> The DANE validator
WB> https://dane.sys4.de/smtp/education.lu
WB> says: "Unusable TLSA Records". Most likely because it is type 1 not allowed
WB> for DANE-SMTP?
There is little reason not to accept the distribution-provided /etc/ssl/certs
certificates when sending mail.
If you add those to your exim config then mail will send.
The postfix config string to do that is:
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
For exim it looks like the config is named:
tls_verify_certificates
If you set that to /etc/ssl/certs/ca-certificates.crt exim will verify
and accept tls for destinations like education.lu's mx servers.
-JimC
--
James Cloos <cloos at jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
More information about the dane-users
mailing list