Closed wioxjk closed 6 years ago
I think this is an issue with the DNS cache. I refreshed the assessment and the port 443 DANE showed up. Although we're treating your SMTP servers as sensitive, running a test from our development environment shows DANE there too. IIRC, our DNS cache is currently at 1 hour, which is probably the culprit. Could you please confirm?
Hi, I added TLSA for port 443, but I do also have it on port 25 on my MX and that does not show up.
I can only confirm that DANE under email still does not show up
DANE not showing up is due to the fact that we're being blocked by some of the SMTP servers and are unable to fetch the certificates. We have #2 for that and it won't be long now before we make the next batch of improvements. I am closing this ticket as I don't think our DANE code is at fault. Thanks!
Even if the MX record for the other servers is removed - DANE and DNSSEC still does not show up. Please check again and reopen the ticket.
It's not showing up because we're caching SMTP assessments, see below:
However, after manually clearing the cache, DANE shows up as expected.
It's all green: https://www.hardenize.com/report/selea.se/1521105680#email
Alright! I thought that pressing "Refresh report" would clean the cache. Thanks for the help and guidance!
Despite having deployed dane, and getting successful check with other tools like: https://www.huque.com/bin/danecheck https://dane.sys4.de/
Hardenize is unable to recognize it. Why?
The domain that the problem occurs on is selea.se