Re: [exim] TLSA Security vs SSL/TLS security

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] TLSA Security vs SSL/TLS security
On 04/09/16 20:44, Viktor Dukhovni wrote:
> On Sep 3, 2016, at 10:22 AM, Jeremy Harris <jgh@???> wrote:
>> If you do SRV lookups (via the dnslookup router check_srv option)
>> you'll get the port given by that.
>
> I am not aware of any RFC that specifies that MTAs should use SRV
> records to locate the nexthop SMTP server when such SRV records are
> present.


Careful wording there, with "should" :)

For "may", I reference

RFC2782 section "The format of the SRV RR" para "Service"
and
STD 2 (RFC 1700) section "PROTOCOL AND SERVICE NAMES".


I wasn't trying to imply that doing it is normal practice, and Exim's
default is not to.
--
Jeremy