Viktor Dukhovni via Exim-users writes > The gmx.de MTAs support DANE in both directions. Does your MX host > have published DANE TLSA records? Are they correct? Is your > certificate still valid, or expired? ...
I have an issue that has a similar feel to it. It's with a host of Germanic providers gmx.de, gmx.at, web.de, mailbox.org ... 2019-03-25 09:00:08 1h8LSh-0001oy-Uy DANE attempt failed; TLS connection to mx-ha03.web.de [212.227.15.17]: (certificate verification failed): TLSA record problem: There was error initializing the DNS query. 2019-03-25 09:00:08 1h8LSh-0001oy-Uy DANE attempt failed; TLS connection to mx-ha02.web.de [212.227.17.8]: (certificate verification failed): TLSA record problem: There was error initializing the DNS query. 2019-03-25 09:00:08 1h8LSh-0001oy-Uy == [email protected] R=dnslookup T=remote_smtp defer (-37) H=mx-ha02.web.de [212.227.17.8]: TLS session: (certificate verification failed): TLSA record problem: There was error initializing the DNS query. 2019-03-25 09:22:27 1h8LSp-00020w-Qe DANE attempt failed; TLS connection to mx-ha02.web.de [212.227.17.8]: (certificate verification failed): TLSA record problem: There was error initializing the DNS query. 2019-03-25 09:22:27 1h8LSp-00020w-Qe == [email protected] R=dnslookup T=remote_smtp defer (-37) H=mx-ha02.web.de [212.227.17.8]: I am at a loss since that time. I have lost all my subscribers based at these domains. I was thinking that I may have to set up secure DNS to continue email. > It would be helpful to post your email domainname and server hostname. The sending domain is nep.repec.org, the server is at 5.9.150.131, 2a01:4f8:190:3385::2. -- Cheers, Thomas Krichel http://openlib.org/home/krichel skype:thomaskrichel -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
