Re: [exim] recipient DNSSEC validation question for exim 4.88 with exp DANE support

Auteur: Fasan, Stefan
Date:
À: Jeremy Harris, exim-users@exim.org
Sujet: Re: [exim] recipient DNSSEC validation question for exim 4.88 with exp DANE support

Thank you VERY much for the numerous responses, the missing AD bit in the dns reply indeed was the issue.

Setting in recursor.conf

Dnssec=validate

Solved the problem, using unbound also confirmed working!

--
Stefan Fasan

-----Ursprüngliche Nachricht-----
Von: Exim-users [mailto:exim-users-bounces+sfasan=libertyglobal.com@exim.org] Im Auftrag von Jeremy Harris
Gesendet: Mittwoch, 08. Februar 2017 13:48
An: exim-users@???
Betreff: Re: [exim] recipient DNSSEC validation question for exim 4.88 with exp DANE support

On 08/02/17 12:04, Fasan, Stefan via Exim-users wrote:
> dig mx4.unitybox.de +dnssec +multi
>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.7 <<>> mx4.unitybox.de
> +dnssec +multi ;; global options: +cmd ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13137 ;; flags: qr
> rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

            ^^^^^^^^
No AD bit in the reply.
--
Cheers,
  Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Information gemäß § 14 Unternehmensgesetzbuch: UPC Austria GmbH, Firmensitz: Wolfganggasse 58-60, 1120 Wien, Firmenbuchnummer: FN 251865s, Handelsgericht Wien.

Ce message fait partie du fil suivant :
	Arborescence complète du fil triée par date
	Jeremy Harris à

Re: [exim] recipient DNSSEC validation question for exim 4.8…