> On Jun 11, 2019, at 4:30 AM, Jeremy Harris via Exim-users <exim-users@???> wrote:
>
>> 2019-03-25 09:00:08 1h8LSh-0001oy-Uy DANE attempt failed; TLS connection
>> to mx-ha03.web.de [212.227.15.17]: (certificate verification failed): TLSA
>> record problem: There was error initializing the DNS query.
>
> It'd be useful to know whether this DNS access is being done by
> Exim of by the GnuTLS library. Would it be possible to get debug
> output for a sample? What about a packet capture, for the same sample?
A quick web search shows that the error message in question is from
the GnuTLS DANE library in dane_state_init() trying to initialize
libunbound...
--
Viktor.
