This PPA contains development version of Postfix with DANE protocol support.

Enable with:

# cat << EOF > /etc/postfix/main.cf
smtp_dns_support_level = dnssec
smtp_tls_security_level = dane
smtp_tls_loglevel = 1

# /etc/init.d/postfix restart

And look for:

Aug 2 10:35:49 jedi postfix/smtp[24161]: ***Verified*** TLS connection established to mail.nic.cz[]:25: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)


Aug 2 10:46:54 jedi postfix/smtp[24300]: ***Untrusted*** TLS connection established to aspmx.l.google.com[2a00:1450:4001:c02::1b]:25: TLSv1.2 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)

Thanks Viktor Dukhovni for this work!

Adding this PPA to your system

You can update your system with unsupported packages from this untrusted PPA by adding ppa:ondrej/postfix+dane to your system's Software Sources. (Read about installing)

sudo add-apt-repository ppa:ondrej/postfix+dane
sudo apt-get update
