After upgrading to ISPConfig 3.2, emails with TLS configuration stopped sending email

Discussion in 'General' started by rodrigosarri, Oct 19, 2020.

  1. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    I disagree, you should not set this to may. If a external server has DANE configured incorrectly, that's on them. The mismatch is also a security mechanism.
     
  2. chrmrtns

    chrmrtns New Member

    That's true, security mechanism using dns and the tlsa record.
    Some have not configured correctly, and if you use dane you may leave mails on the table.
    It is just not established everywhere.
     
  3. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    If it's not set up it doesn't matter. But when it is set up your server respect that and not deliver if there is a mismatch.
     
  4. chrmrtns

    chrmrtns New Member

    Should be true, but I have seen too many failures.
    Just my two cents, you can set to may or leave as is with dane if you want to go the extra mile and want to have extra security.
    Unfortunately there are providers which try to force dane if or if not configured, and finally their emails would never reach you. I wish you luck that you will never have to deal with such companies who are not able to maintain a correct system.
     
  5. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Their emails will reach you, but yours won't reach them. Of course I have to deal with other companies that do not have their servers set up correctly, and ISPConfig already has some settings set to non-optimal values to deal with that. But how far shall we go?
     
  6. chrmrtns

    chrmrtns New Member

    ISPConfig is the best platform I have ever seen, and re your question how far you should go: It is all fine, and nevertheless, re other companies: (not all, just a few) THEIR emails will not reach me, although mine go through like a charm.
     

Share This Page