validation problem

Andreas Schulze andreas.schulze at datev.de
Thu Sep 6 16:04:48 CEST 2018


Am 04.09.2018 um 09:54 schrieb Andreas Schulze:
> Hello,
> 
> unsure it that topic may better discussed on postfix-users....
> 
> I'm messages for <*@sushi-circle.de> in my outbound deferred queue.
> Sep  2 11:15:38 idvmailout02 postfix/smtp[73811]: 422V1C0rjyzNkGv: to=<***@sushi-circle.de>, relay=none, delay=88795, delays=88794/0.24/0.61/0, dsn=4.7.5, status=deferred (TLSA lookup error for login.enterprise-email.com:25)
> Sep  2 11:15:38 idvmailout02 postfix/smtp[73811]: warning: TLS policy lookup for sushi-circle.de/login.enterprise-email.com: TLSA lookup error for login.enterprise-email.com:25
> Sep  2 11:15:38 idvmailout02 postfix/smtp[73811]: warning: DANE TLSA lookup problem: Host or domain name not found. Name service error for name=_25._tcp.login.enterprise-email.com type=TLSA: Host not found, try again
> Sep  2 11:15:37 idvmailout02 postfix/smtp[73811]: warning: DANE TLSA lookup problem: Host or domain name not found. Name service error for name=_25._tcp.login.enterprise-email.com type=TLSA: Host not found, try again
> 
> I wonder, why postfix try to lookup TLSA Records for the MX at all. The destination domain sushi-circle.de is unsigned and so any TLSA for the MX don't matter.
> Is there any switch to influence that behavior?
> 
> mail_version = 3.2.5
> 
Update: the very responsive people @iptox.net fixed that. No issue anymore.
Thanks!

-- 
A. Schulze
DATEV eG


More information about the dane-users mailing list