On 24 Aug 2015, at 1:09, Viktor Dukhovni wrote: > On Sun, Aug 23, 2015 at 02:18:39PM -0400, Paul Wouters wrote: > >>> mail.example.com. IN A 192.168.1.1 >>> _426._tcp.mail.example.om. IN TLSA .... > > _25._tcp for SMTP, no idea where _426 is from.
Sorry, 465. But we could as well use 25 in the example. >>> What seems to have happened in the tests that Jan did was that IF the MX >>> was not signed, BUT the TLSA was signed and validated correctly, THEN >>> postfix did _NOT_ deliver the email. At all. > > The tests were badly executed or profoundly misinterpreted. > >>> I think that behaviour is wrong, and am unsure whether it is a bug in >>> postfix or whether it is a bug in the spec. > > Neither. > >>> That would be a bug in postfix? The spec states: > > Would be, but is not, because Postfix does not behave as claimed. Ok, thanks!!! paf
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
