no _smtp_tls in published zone

Tue, 01 Jun 2021 22:00:18 -0700 

I have added the following two records
_mta-sts.BrettDelmage.ca.                     180 IN TXT        "v=STSv1; 
id=2021060102;"
_smtp._tls.BrettDelmage.ca.                   180 IN TXT        "TLSRPTv1; 
rua=mailto:br...@brettdelmage.ca";
to a signed zone to enable Mail Transfer Agent Strict Transport Security.

When I run

/var/lib/bind/master# named-compilezone -k warn -o - BrettDelmage.ca 
BrettDelmage.ca

I get the expected error for the leading _, but only for _mta_sts.

BrettDelmage.ca:21: mta_sts.BrettDelmage.ca: bad owner name (check-names)
zone BrettDelmage.ca/IN: loaded serial 2021060110
BrettDelmage.ca.                              180 IN SOA        
cacloud.brettdelmage.ca. hostmaster.BrettDelmage.ca. 2021060110 180 300 1814400 
3600
...
_mta-sts.BrettDelmage.ca.                     180 IN TXT        "v=STSv1; 
id=2021060102;"
_smtp._tls.BrettDelmage.ca.                   180 IN TXT        "TLSRPTv1; 
rua=mailto:br...@brettdelmage.ca";
...
OK

When I load the zone I can fetch _mta-sts.BrettDelmage.ca
 dig @127.0.0.1 _mta-sts.brettdelmage.ca txt +short
"v=STSv1; id=2021060102;"

but not _smtp._tls.BrettDelmage.ca.:

dig @127.0.0.1 _smtp._tls.brettdelmage.ca txt

; <<>> DiG 9.16.16-Ubuntu <<>> @127.0.0.1 _smtp._tls.brettdelmage.ca txt
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37893
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: a70534bd6a80a8c70100000060b70dbd54a4db11f1a5b7d1 (good)
;; QUESTION SECTION:
;_smtp._tls.brettdelmage.ca.    IN      TXT

;; AUTHORITY SECTION:
BrettDelmage.ca.        180     IN      SOA     cacloud.brettdelmage.ca. 
hostmaster.BrettDelmage.ca. 2021060110 180 300 1814400 3600

-----
named -v
BIND 9.16.16-Ubuntu (Stable Release) <id:0c314d8>

What am I doing wrong here?

Thanks!

Brett

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to