From c2d7caec4daaba4340a720fca606e6ccf79b382d Mon Sep 17 00:00:00 2001
From: olli <olli@ds9.dedyn.io>
Date: Mon, 18 Dec 2023 14:19:34 +0100
Subject: [PATCH] mailcow.yml aktualisiert

---
 mailcow.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mailcow.yml b/mailcow.yml
index 7f5fa5e..e1ea448 100644
--- a/mailcow.yml
+++ b/mailcow.yml
@@ -442,6 +442,7 @@
             [ "${certname}" != "${host}.pem" ] && continue
             tlsa=$(openssl x509 -in "${cert}" -noout -pubkey 2>/dev/null | openssl rsa -pubin -outform DER 2>/dev/null | openssl dgst -sha256 -hex 2>/dev/null | cut -d" " -f2)
             dnstlsa=$(host -t TLSA *._tcp.${host} | cut -d" " -f 8,9 | tr '[:upper:]' '[:lower:]' | sed 's/ //g')
+            echo ${dnstlsa} | egrep -q "^bereached$" && continue
             [ "${tlsa}" != "${dnstlsa}" ] && g_echo_error "DNS TLSA incorrect! *._tcp.${host} should be ${tlsa} but is ${dnstlsa} (host -t TLSA *._tcp.${host})"
           done
           rm *.pem