Dear all,
when opening the DNS Info Page for my server mail.lan.suhle.de, I see the following:

_25._tcp.mail.lan.suhle.de 	TLSA 	
3 1 1 771e6212f78436d9ba37b76618d1adbf83e68bb7681f4884d95c936a80c340f1 	
3 1 1 fb32609f71dcd45c9c1568c7481f44c77bb08f77c35d425515bc9864b5e1336a

What I do not understand is: Where is the wrong reading (fb32609f71dcd45c9c1568c7481f44c77bb08f77c35d425515bc9864b5e1336a) coming from?
On the same server at the command line, the correct value is showing:

root@mail:/opt/mailcow-dockerized# docker compose exec unbound-mailcow dig TLSA _25._tcp.mail.lan.suhle.de

; <<>> DiG 9.18.27 <<>> TLSA _25._tcp.mail.lan.suhle.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6621
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;_25._tcp.mail.lan.suhle.de.	IN	TLSA

;; ANSWER SECTION:
_25._tcp.mail.lan.suhle.de. 60	IN	TLSA	3 1 1 771E6212F78436D9BA37B76618D1ADBF83E68BB7681F4884D95C936A 80C340F1

;; Query time: 103 msec
;; SERVER: 127.0.0.11#53(127.0.0.11) (UDP)
;; WHEN: Sun Feb 09 10:09:30 CET 2025
;; MSG SIZE  rcvd: 102

What the heck?

Anybody able to help?

Kind regards,

  • Meanwhile, I set the validity of all values to 60 seconds, and - I don’t know why - all of a sudden, the correct TLSA shows up. I set this topic to SOLVED

Meanwhile, I set the validity of all values to 60 seconds, and - I don’t know why - all of a sudden, the correct TLSA shows up. I set this topic to SOLVED

Have something to say?

Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!

No one is typing