Re: [exim] How can I establish that DANE is working correctl…

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMJeremy Harris at <-
MM 
Delete this message
Reply to this message
Author: Viktor Dukhovni
Date:  
To: exim-users
Subject: Re: [exim] How can I establish that DANE is working correctly?

> On May 1, 2017, at 10:33 AM, Jeremy Harris <jgh@???> wrote:
>
> Having looked again at the coding I do not see that behaviour.
> Have you verified this by experiment?

Yes, with Phil Pennock doing the test. Example domains that
should fail, but I believe don't with Exim are: 

    truman.edu
    techtrack.gov
    mof.gov.tw


http://dnsviz.net/d/_25._tcp.barracuda.truman.edu/dnssec/
http://dnsviz.net/d/_25._tcp.mx1.techtrack.gov/dnssec/
http://dnsviz.net/d/_25._tcp.mail.mof.gov.tw/dnssec/

$ dig +noall +comment -t tlsa _25._tcp.barracuda.truman.edu
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4694
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 8192 

-- 
    Viktor.



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] How can I establish that DANE is working correctly?[exim] error in ACL: unknown ACL condition/modifier in "demime = *"->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)