Hello,
we want to use DNSSEC and DANE in our company to provide a more secure email-server for our customers.
Beside that, the german agency for infomrationtechnologysecurity (BSI) published a new guideline that requires DANE and DNSSEC to be used on a mail server. It is to expect, that this guideline becomes a must have for other goverment agencys, organization and even private companys who are dealing with sensitive informations (like ISPs).
Source: http://www.heise.de/netze/meldung/BSI-R ... 88316.html
My Question:
Can i already use Zimbra with DNSSEC and DANE validation? How can i enable it? When the feature ist not available at the moment, what are your plans on that?
Thank you!
DNSSEC and DANE Support requirement in Germany
-
oetiker
- Outstanding Member
- Posts: 276
- Joined: Fri Mar 07, 2014 1:05 pm
- Location: Switzerland
- ZCS/ZD Version: Release 10.0.6.GA.4518.UBUNTU20_64
- Contact:
Re: DNSSEC and DANE Support requirement in Germany
I found this
2085 zimbraMtaSmtpTlsDaneInsecureMXPolicy enum 8.7.0,9.0.0 Value for postconf smtp_tls_dane_insecure_mx_policy.
https://files.zimbra.com/docs/config-guide/index.html
2085 zimbraMtaSmtpTlsDaneInsecureMXPolicy enum 8.7.0,9.0.0 Value for postconf smtp_tls_dane_insecure_mx_policy.
https://files.zimbra.com/docs/config-guide/index.html