Hello Viktor, Hello List-Participants, On Thu, 19 May 2016 16:04:19 +0000 Viktor Dukhovni <[email protected]> wrote:
> I was going to guess that spamd or similar is the most likely > culprit, even before you said you're running it. > > https://dane.sys4.de/common_mistakes#8 > > It might be enabling TLS only for cached "known good" clients, but > that is not compatible with DANE. I've found the issue, it was a configuration error on my behalf on the IPv4 side of "smtp2.strotmann.de" that causes STARTTLS to be denied (for all clients). The IPv6 side of the configuration was always working and most mail-sender preferred IPv6, that is the reason why the configuration issue was not seen immediatly. Lesson learned: monitoring needs to cover IPv4 and IPv6 separatly. The GMX people have contacted me and were very helpful in debugging this issue. This now seems to be fixed, mail from GMX is coming in again. Have a good week! Carsten
pgp5XlDzmtfkJ.pgp
Description: OpenPGP digital signature
