Jeremy Harris via Exim-users writes
> On 11/06/2019 05:12, Thomas Krichel via Exim-users wrote:
> > I have an issue that has a similar feel to it. It's with a host of
> > Germanic providers gmx.de, gmx.at, web.de, mailbox.org ...
> >
> > 2019-03-25 09:00:08 1h8LSh-0001oy-Uy DANE attempt failed; TLS connection
> > to mx-ha03.web.de [212.227.15.17]: (certificate verification failed): TLSA
> > record problem: There was error initializing the DNS query.
>
> It'd be useful to know whether this DNS access is being done by
> Exim of by the GnuTLS library. Would it be possible to get debug
> output for a sample?
If I knew how to make this, sure. I'm trying with
cat /home/ernad/test.mail | /usr/sbin/exim4 -t -d tls > /tmp/debug_tls.out 2> /tmp/debug_tls.err
I'm posting it at
http://openlib.org/home/krichel/tls.txt
> What about a packet capture, for the same sample?
It turns out that now gmail are not taking my mail anymore since
Sunday. I become aware of this this morning. It maybe the earlier
failure is related to the current one.
One thing pretty much for sure, I have aonther server,
amorp.openlib.org, the one I am writing now from, where I have the
same exim.key and exim.crt files, same owners, same permissions,
same exim version, and I don't have a problem there.
Now I'm supposed to head out to the beach for a barbecue
when I'd rather stay in and debug this further ;-(
--
Cheers,
Thomas Krichel http://openlib.org/home/krichel
skype:thomaskrichel