I don’t believe that’s the case. I haven’t seen outlook.com reject on lack of DNSSEC. I don’t use DNSSEC (for a variety of reasons, mostly because it doesn’t actually accomplish anything of value for security) and my mail servers are able to deliver to Microsoft servers.
What is the exact error you get? We can probably help you troubleshoot the problem.
If you really do want DNSSEC, Webmin does have support for configuring and managing DNSSEC.
That’s true. However, when DNSSEC is enabled, which is the case, I have seen Outlook connections break because of the TLSA record not being there for the MX record referred to.
If you want to use TLSA then I recommend you get an SSL cert for at least 2 years and remember when it expires. "Whenever a certificate is renewed (with selector=0), or when a key is rotated, a new TLSA record must be published before the new certificate is installed, whilst keeping DNS propagation delays in mind."
I have DNSSEC enabled on Postfix and my DNS provider and I don’t use TLSA and never had any problems with Outlook connections. Perhaps something else is triggering the break. I would check my postfix logs at the time it happens to see what the problem is.
Interesting to learn you do not use TLSA and have either DNSSEC enabled or disabled. The issue I had at the beginning of December may have another reason.
The thing is that when I correctly added the proper TLSA record for the host used in the MX record, logs indicating issues with Outlook connections disappeared.
I will remove the TLSA record and actively monitor the logs and see if trouble comes back.
After I removed the TLSA version from the MX record, the troubles returned. But, after I removed the TLSA records from the domain of the troubled e-mail domains, this solved the issue.
Outlook wants TLSA for the server in the MX record for domains with TLSA enabled. This should be taken into account when enabling TLSA for a domain.
For various domains in my management I use one MX server and thus MX record. When the destination domain is TLSA’d it is necessary to have the MX record TLSA’d too.
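The two operational points in this thread (TLSA records belong under the MX host name, and a record matching the renewed certificate must be published before that certificate is installed) can be checked ahead of a renewal. The following is an added example, not code from any poster: the function names are hypothetical, `mail.example.net` is a placeholder, the byte strings are constructed stand-ins for DER data, and only usage 3 (DANE-EE) records are considered.

```python
import hashlib

# TLSA matching types (RFC 6698): 0 = full data, 1 = SHA-256, 2 = SHA-512
MATCHERS = {
    0: lambda b: b,
    1: lambda b: hashlib.sha256(b).digest(),
    2: lambda b: hashlib.sha512(b).digest(),
}

def tlsa_owner(mx_host, port=25):
    """SMTP TLSA records are looked up under the MX host, not the mail domain."""
    return f"_{port}._tcp.{mx_host.rstrip('.')}."

def record_matches(rdata, cert_der, spki_der):
    """True if a 'usage selector mtype hex' record matches this certificate."""
    usage, selector, mtype, *hex_parts = rdata.split()
    usage, selector, mtype = int(usage), int(selector), int(mtype)
    if usage != 3 or selector not in (0, 1) or mtype not in MATCHERS:
        return False  # narrowed to DANE-EE (usage 3); other usages need the chain
    subject = cert_der if selector == 0 else spki_der  # 0 = whole cert, 1 = public key
    return MATCHERS[mtype](subject) == bytes.fromhex("".join(hex_parts))

def rollover_status(published, current, renewed):
    """current / renewed are (cert_der, spki_der) tuples; published is a list of rdata."""
    cur_ok = any(record_matches(r, *current) for r in published)
    new_ok = any(record_matches(r, *renewed) for r in published)
    if cur_ok and new_ok:
        return "safe-to-install"
    if cur_ok:
        return "publish-new-tlsa-first"
    return "live-cert-unmatched"

def tlsa_rdata(selector, data):
    """Build '3 <selector> 1 <sha256 hex>' rdata for the given bytes."""
    return f"3 {selector} 1 {hashlib.sha256(data).hexdigest()}"

# Constructed stand-ins for DER bytes (not real certificates or keys).
KEY_A, KEY_B = b"constructed-spki-A", b"constructed-spki-B"
CERT_2023 = (b"constructed-cert-2023|" + KEY_A, KEY_A)
CERT_2024_SAME_KEY = (b"constructed-cert-2024|" + KEY_A, KEY_A)
CERT_2024_NEW_KEY = (b"constructed-cert-2024|" + KEY_B, KEY_B)

if __name__ == "__main__":
    print(tlsa_owner("mail.example.net"))
    pinned_cert = [tlsa_rdata(0, CERT_2023[0])]   # selector 0: breaks on every renewal
    pinned_key = [tlsa_rdata(1, KEY_A)]           # selector 1: survives same-key renewal
    print(rollover_status(pinned_cert, CERT_2023, CERT_2024_SAME_KEY))
    print(rollover_status(pinned_key, CERT_2023, CERT_2024_SAME_KEY))
    print(rollover_status(pinned_key + [tlsa_rdata(1, KEY_B)], CERT_2023, CERT_2024_NEW_KEY))
```

A selector 0 record pins the whole certificate, so any renewal needs a new record published first; a selector 1 record pins the public key and only needs replacing when the key is rotated.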