Hello,
> Le 14 déc. 2025 à 12:34, Viktor Dukhovni via mailop <[email protected]> a > écrit : > > On Sun, Dec 14, 2025 at 12:11:09PM +0700, Xavier Beaudouin via mailop wrote: > >> A friend of mine told me he cannot reach me since few days. Looking on >> the logs I see that infomaniak seems to connect ot my mail server, but >> close directly the connection…. > > And not just infomaniak, any MTA that implements DANE outbound: (…) > If you've implemented inbound DANE (published TLSA records for your MX > hosts) *without* or prior to implementing timely monitoring of the > correctness of said TLSA records, then you're doing it all wrong. > Unmonitored security is an oxymoron. > > > https://list.sys4.de/hyperkitty/list/[email protected]/message/6723WDBLPYWSXAORTAJR7EPAIOFAP5N4/ Yes, you are right, the TLSA was borken. I just fixed it right now and now this is ok. The issue was because I was forced to regenerate my certificate from scratch… and… I didn’t monitored the TLSA record. Thanks to this mailing list that sent me the right tool to check that. Now I’ll have to monitor that as well. Thanks Victor to point me this thing I forgotten to do :) Xavier — Xavier BEAUDOUIN SiamNok Ltd - Smart Solutions for Koh Samui https://siamnok.co.th/ X: @SiamNokCoTh
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
