Re: [exim] TLSA Security vs SSL/TLS security

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MViktor Dukhovni at <-
MViktor Dukhovni at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] TLSA Security vs SSL/TLS security
On 04/09/16 20:44, Viktor Dukhovni wrote:
> On Sep 3, 2016, at 10:22 AM, Jeremy Harris <jgh@???> wrote:
>> If you do SRV lookups (via the dnslookup router check_srv option)
>> you'll get the port given by that.
>
> I am not aware of any RFC that specifies that MTAs should use SRV
> records to locate the nexthop SMTP server when such SRV records are
> present.

Careful wording there, with "should" :)

For "may", I reference

RFC2782 section "The format of the SRV RR" para "Service"
and
STD 2 (RFC 1700) section "PROTOCOL AND SERVICE NAMES".


I wasn't trying to imply that doing it is normal practice, and Exim's
default is not to.
--
Jeremy


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] TLSA Security vs SSL/TLS securityRe: [exim] SPAM ACL question->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)