How did you notice that "something is now broken"? "works for me" - I just tried it with an MTA that supports DANE:
server=172.102.240.42, starttls=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384, verify=DANE_SEC, cert_subject=/CN=mail3.five-ten-sg.com, cert_issuer=/C=US/O=Let's+20Encrypt/CN=R3, pubkey_fp=03:00:01:83:4D:71:0B:2F:EB:79:0C:C9:B2:C6:D2:51:C6:5B:1F:ED:C2:4C:51:A4:14:9B:DF:EA:E4:D4:0E:0B:E1:18:92 mail3.five-ten-sg.com 3 0 1 C203403D293A96CC4E7ABAA2F57A12BF8D2628A955A913B91A3C798896FCD6E3 mail3.five-ten-sg.com 3 0 1 834D710B2FEB790CC9B2C6D251C65B1FEDC24C51A4149BDFEAE4D40E0BE11892 Maybe you can try posttls-finger (from postfix) and see what is shows? _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
