[dns-operations] At least 3 CloudFlare DNS-hosted domains with oddball TLSA lookup ServFail
Viktor Dukhovni
ietf-dane at dukhovni.org
Thu Apr 23 06:20:07 UTC 2020
On Mon, Apr 20, 2020 at 11:55:38AM +0100, Christian Elmerot wrote:
> On 2020-04-19 07:55, Viktor Dukhovni wrote:
> > The CloudFlare auth servers return ServFail for the TLSA lookup of:
> >
> > https://dnsviz.net/d/_25._tcp.mx01.mx-hosting.ch/XpvvXg/dnssec/
> > https://dnsviz.net/d/_25._tcp.mail.markleenen.eu/Xpvvcg/dnssec/
> > https://dnsviz.net/d/_25._tcp.box.nobodyghost.net/Xpvvow/dnssec/
>
> Those ServFails are being looked into as that is something different and
> a bug I believe. I'll get back with more information when the issue's
> been identified in our pipeline.
Great, thanks. Not yet resolved FWIW:
http://dnssec-stats.ant.isi.edu/~viktor/dnsviz/cloudflare.com.html
This negatively affects email to at least eight domains:
mx-hosting.ch
smartcity-system.ch
flavio-meyer.ch
premier-etage.ch
itsupport-luzern.ch
smartcity-system.com
markleenen.eu
nobodyghost.net
--
Viktor.
More information about the dns-operations
mailing list