Validating an SMTP server
Viktor Dukhovni
ietf-dane at dukhovni.org
Mon Sep 7 19:32:33 CEST 2015
On Mon, Sep 07, 2015 at 07:13:55PM +0200, Benny Pedersen wrote:
> Simson Garfinkel skrev den 2015-09-07 19:02:
>
> >http://ec2.simson.net/dane_check.cgi?host=hoggins.fr
> >
> >It is much more verbose than the sys4.de tester.
>
> just small fail it says try all ips, but it does not test ipv6
>
> else it seems to do good job, thanks for shareing it
>
> http://ec2.simson.net/dane_check.cgi?host=fido.dk
It still needs a bit of work. For example, when a domain is only
partly protected (some MX hosts don't have TLSA records), you have
to scroll down a bunch to see that, the summary info does not show
this.
I would also recommend a cache (like dnsviz.net, and dane.sys4.de),
with revalidation only on user request. Don't want to bang away
at the most popular sites.
--
Viktor.
More information about the dane-users
mailing list