DNSSEC and DANE Support requirement in Germany

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Posts: 1
Joined: Tue Aug 25, 2015 1:55 am

DNSSEC and DANE Support requirement in Germany

Postby kujioztr » Tue Aug 25, 2015 1:59 am


we want to use DNSSEC and DANE in our company to provide a more secure email-server for our customers.

Beside that, the german agency for infomrationtechnologysecurity (BSI) published a new guideline that requires DANE and DNSSEC to be used on a mail server. It is to expect, that this guideline becomes a must have for other goverment agencys, organization and even private companys who are dealing with sensitive informations (like ISPs).

Source: http://www.heise.de/netze/meldung/BSI-Richtlinie-fuer-sicheren-Mail-Transport-zeigt-bereits-Wirkung-2788316.html

My Question:

Can i already use Zimbra with DNSSEC and DANE validation? How can i enable it? When the feature ist not available at the moment, what are your plans on that?

Thank you!

User avatar
Advanced member
Advanced member
Posts: 163
Joined: Fri Mar 07, 2014 1:05 pm
Location: Switzerland
ZCS/ZD Version: Release 8.8.12.GA.3794.UBUNTU16.64

Re: DNSSEC and DANE Support requirement in Germany

Postby oetiker » Wed Sep 11, 2019 2:39 pm

I found this

2085 zimbraMtaSmtpTlsDaneInsecureMXPolicy enum 8.7.0,9.0.0 Value for postconf smtp_tls_dane_insecure_mx_policy.


Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 11 guests