Hello Saulius, [email protected] ([email protected]), 2024.07.01 (Mon) 10:09 (CEST): > And recently I'm started getting such errors for e-mails coming from > outbound.protection.outlook.com servers. > > Jun 17 10:20:42 smtp01 smtpd[7838]: 33c0e6f7addb24d1 smtp disconnected > reason="io-error: write failed: Connection reset by peer" > > Is my understanding correct that "Connection reset by peer" means that > remote host (outlook.com) closed/reset the connection?
I think that is what it means. And it reminds me of a recent thread on [email protected] (the list archive is private*). The gist, as stated: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Date: Sat, 29 Jun 2024 10:31:06 +1000 From: Viktor Dukhovni via mailop <[email protected]> To: [email protected] [...] Reading your first post brought to mind the recent report of potential issues at Microsoft's outbound servers with "too many" TLSA records (more than ~12). I was looking at your TLSA RRset (14 TLSA records): [...] That said, do you really need all 14 records? ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ The OP replied with: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Date: Fri, 28 Jun 2024 23:23:04 -0400 From: "Jim P. via mailop" <[email protected]> To: [email protected] [...] Thank you for the detailed breakdown of the problem and resolution. I have removed the E* TLSA records and mails from Microsoft are flowing in. I'll make a note to remove the R3/R4 records next week and then plan for adding the E* TLSA records back in and switching to ECDSA in the near future. Thanks again Viktor, you've been an awesome help. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Is this something you should take a look at? Marcus * https://list.mailop.org/listinfo/mailop
