On 01 Feb 2021, at 13:38, Viktor Dukhovni wrote:
>
> On Mon, Feb 01, 2021 at 12:09:38PM +, pat...@patpro.net wrote:
>
>> It's a risk I can take if I'm stuck but I'm willing to try the dual-sign
>> method.
>
> I should mention that given the humongous sizes of your current
> signatures, dua
On Mon, Feb 01, 2021 at 12:09:38PM +, pat...@patpro.net wrote:
> It's a risk I can take if I'm stuck but I'm willing to try the dual-sign
> method.
I should mention that given the humongous sizes of your current
signatures, dual signing will make things noticeably worse in
the meantime, unle
On Mon, Feb 01, 2021 at 12:09:38PM +, pat...@patpro.net wrote:
> I do run BIND 9.16.x and I've just read a few things about
> dnssec-keymgr and dnssec-policy.conf that I need to dig in
> (https://www.sidn.nl/en/dnssec/dnssec-signatures-in-bind-named).
Good luck, feel free to post your experie
February 1, 2021 11:07 AM, "Viktor Dukhovni" wrote:
> On Mon, Feb 01, 2021 at 09:54:47AM +, pat...@patpro.net wrote:
>
>> What would be the main steps to renew keys with best practice in mind
>> (algorithm 13 with ECDSA P256 keys)? I'm trying and find a good
>> how-to but most are quite old
On Mon, Feb 01, 2021 at 09:54:47AM +, pat...@patpro.net wrote:
> > but more importantly, your DNSSEC implementation is FUBAR:
>
> I've chosen to go with huge keys from the start to be "future proof",
> not so smart I guess.
Yes, turned out to just be a source of problems, with no benefit.
>
January 31, 2021 10:29 PM, "Viktor Dukhovni" wrote:
> On Sun, Jan 31, 2021 at 07:15:05PM +0100, Patrick Proniewski wrote:
>
>> fixed:
>>
>> $ telnet mail.patpro.net 25
>> Trying 193.30.227.216...
>> Connected to mail.patpro.net.
>> Escape character is '^]'.
>> 220-rack.patpro.net Do not say any
On Sun, Jan 31, 2021 at 07:15:05PM +0100, Patrick Proniewski wrote:
> fixed:
>
> $ telnet mail.patpro.net 25
> Trying 193.30.227.216...
> Connected to mail.patpro.net.
> Escape character is '^]'.
> 220-rack.patpro.net Do not say anything yet
You might also throw "ESMTP" in there:
220-hostn
On 31 Jan 2021, at 18:13, Wietse Venema wrote:
>
> Patrick Proniewski:
>> I'm looking for a tool/service that would help me diagnose delivery problems
>> to my server? Any hint appreciated.
> What about good old telnet or netcat?
because I'm looking for a way to test as many remote locations
Patrick Proniewski:
> Hello,
>
> I've got a strange problem with my MX server, that is not related to postfix:
> looks like neither Steam nor Binance can post email to me. I've had a
> discussion with Steam support, they said they have delivery failure on their
> side but couldn't provide more
Hello,
I've got a strange problem with my MX server, that is not related to postfix:
looks like neither Steam nor Binance can post email to me. I've had a
discussion with Steam support, they said they have delivery failure on their
side but couldn't provide more details than this:
Time Attemp
10 matches
Mail list logo
