git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
DANE: do not trust a non-dnssec NXDOMAIN return for the TLSA lookup
[exim.git]
/
src
/
src
/
transports
/
smtp.c
diff --git
a/src/src/transports/smtp.c
b/src/src/transports/smtp.c
index 8f1e0bff8ac7592fe4a303b93c9eb68b8732cca5..9c95a412487073f325d1920206d3f45366289504 100644
(file)
--- a/
src/src/transports/smtp.c
+++ b/
src/src/transports/smtp.c
@@
-1209,7
+1209,7
@@
switch (rc)
case DNS_NODATA: /* no TLSA RR for this lookup */
case DNS_NOMATCH: /* no records at all for this lookup */
- return dane_required ? FAIL :
FAIL_FORCED
;
+ return dane_required ? FAIL :
sec ? FAIL_FORCED : DEFER
;
default:
case DNS_FAIL:
git://git.exim.org / exim.git / blobdiff