tinfoilhatDane in postfix is not hard but what many of the things out there dont say (not here)  is that the tlsa record should state a host name


so port 25, using tcp, on host smtp, for domian kernel-error.de

crossport 25, tcp, domain wont work.


Postfix is a little more specific than that for https requests.


the man who became a pig

the man who became a pig

I wish i knew that before i started. Anyhow the zoo has dane, which is not a danish farm animal

8 responses

  1. Pingback: Gandi ssl certificates in postfix | Bananas in the Falklands

  2. Pingback: Letsencrypt in debian – not yet production ready | Bananas in the Falklands

  3. Pingback: Better postfix tls | Bananas in the Falklands

  4. Pingback: tlsv1.0 in the wild. | Bananas in the Falklands

  5. Pingback: Letsencrypt finally figured out (meh) | Bananas in the Falklands

  6. Pingback: caa records the hardish way | Bananas in the Falklands

  7. Pingback: mailgraph and logwatch reporting curiosities with postmulti and some regex’es for fun. | Bananas in the Falklands

  8. Pingback: tls renewal time from the last time i did them | Bananas in the Falklands

by golly but...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.