Dear Patrick, Patrick Ben Koetter via Postfix-users <postfix-users@postfix.org> writes:
> (...) > You don't need DNSSEC for your DNS zone *if* your server should DANE-verify > other DANE enabled receiver platforms. In this case all you need to do is run > a DNSSEC-verifying DNS resolver on your server (not systemd-resolved) and > configure Postfix to use DANE when it sends messages: Wow! Good news ^^^ > smtp_dns_support_level = dnssec > smtp_tls_security_level = dane > smtp_tls_loglevel = 1 Thanks for kind example! > I do recommend to enable at least DANE on the outbound side to let your users > participate from the higher level of security. Thank you! > > P.S. > See also: https://blog.sys4.de/blog/outbound-dane/, which I've written in > German. Don't worry, i can read that docs. Google translator is so good. Sincerely, Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))// _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
