-
How could I configure mail delivery to try with TLS, but if the receiving server doesn't support it, to fall back to unencrypted transmission?
: TLS is required, but was not offered by
host [m…
-
Are these two sites - virtualmin.com and webmin.com running virtualmin ?
Is there any reason not to activate DNSSEC and TLSA?
Could these features be activated, as a test to prove they work and if n…
-
Hi,
thanks for swede - the nic.cz dnssec/tlsa firefox plugin is nice, but I also needed something for the command line, so swede came to the rescue.
However, when wrapping it into a monitoring check…
df7cb updated
10 years ago
-
From discussions with folks last year, and Michael today, I'm submitting a request for more support for Email-related record types:
TXT: DKIM, DMARC, SPF, TLSRPT, MTA-STS
TLSA
MX
MX should alr…
-
- Display SSL/TLS cipher suites used (for each step)
- ^^ using a graded score (see starttls.info for grading of RFC3207 starttls support on smtp servers)
- Integrate SPF check (& DKIM / DMARC)
- Inte…
-
`ldns-dane` does not support starttls. Now we call it via Python as a subprocess and we provide the certificates through standard input. This leaves `ldns-dane` to query the local resolver (that needs…
-
http://wiki.xmpp.org/web/Securing_DNS
-
DNS could be used to store C509 certificates, using DANE:
The DANE RR (TLSA) has four semantics for the "Certificate Usage Field", see section 2.1.1 of RFC6698, https://www.rfc-editor.org/rfc/rfc66…
-
When using mailcow on my local server I could not get it working 100% (TLSA, damn you!) with the iptables rules described in the instructions. The `sudo iptables -P FORWARD DROP` rule specifically was…
-
### systemd version the issue has been seen with
251.2-2ubuntu1
### Used distribution
Ubuntu 22.10 (Kinetic Kudu)
### Linux kernel version used
5.15.0-40-generic
### CPU architecture…