19 Jan
2015
19 Jan
'15
12:49 p.m.
On 19/01/15 12:26, Felix Eckhofer wrote:
Hey.
Am 19.01.2015 12:15, schrieb Wolfgang Breyha:
One of our users tried to send mail to the domain education.lu. [...] Exim refuses to talk to those hosts at all with "failure while setting up TLS session". Is this expected behavior in terms of DANE-SMTP? What's postfix doing in this case?
Postfix (2.11.2) seems to be able to talk to education.lu just fine:
Postfix doesn't honor 3.1.3 of the latest DANE-SMTP draft then?
"...SMTP client treatment of TLSA RRs with certificate usages PKIX-TA(0) or PKIX-EE(1) is undefined. SMTP clients should generally treat such TLSA records as unusable."
Greetings, Wolfgang
--
Wolfgang Breyha wbreyha@gmx.net | http://www.blafasel.at/
Vienna University Computer Center | Austria