EOP-176 tlsa_expire_interval

SparkPost · Jun 14, 2024 · fbb9ac1 · fbb9ac1
1 parent f85e332
commit fbb9ac1
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 0 deletions.
diff --git a/content/momentum/4/config-options-summary.md b/content/momentum/4/config-options-summary.md
@@ -352,6 +352,7 @@ The `Version` column indicated the version(s) of Momentum that support the optio
 | [tls_verified_peer_is_authorized](/momentum/4/config/tls-verified-peer-is-authorized) – Mark requests that use a verified SSL Client certificate as being authorized | sending | false | 4.0 and later | http_listener, listen, pathway, peer |
 | [tls_verify](/momentum/4/config/tls-verify) – Specify how to handle the remote presented certificate | sending | no | 4.0 and later | binding, binding_group, domain, global |
 | [tls_verify_mode](/momentum/4/config/tls-verify-mode) – Determine whether a TLS certificates is required | receiving |   | 4.0 and later | ecstream_listener, esmtp_listener, http_listener, listen, pathway, pathway_group, peer, xmpp_listener |
+| [tlsa_expire_interval](/momentum/4/config/ref-tlsa-expire-interval) – How often to check for domains with expired DANE TLSA information | sending | 3600 | 4.8 and later | global |
 | [topology](/momentum/4/4-cluster-config-duravip) *(scope)* – Define the cluster network topology (cluster-specific) | na |   | 4.0 and later | cluster |
 | [trace_smtp_mode](/momentum/4/config/ref-trace-smtp-mode) – Set the default permissions of trace files | sending | 0640 (*non-dynamic*) | 4.0 and later | global |
 | [tracking_domain](/momentum/4/config/tracking-domain) – Set the tracking domain to use for engagement tracking in SMTP injections | string | localhost:8080 | 4.1-HF4 (beta) | esmtp_listener, listen, pathway, pathway_group, peer |

diff --git a/content/momentum/4/config/index.md b/content/momentum/4/config/index.md
@@ -217,6 +217,7 @@ description: "This chapter provides the definitions of the configuration options
 | [tls_verified_peer_is_authorized](/momentum/4/config/tls-verified-peer-is-authorized) | Marks requests that use a verified SSL Client certificate as being authorized |
 | [tls_verify](/momentum/4/config/tls-verify) | specify how to handle the remote presented certificate |
 | [tls_verify_mode](/momentum/4/config/tls-verify-mode) | determine whether a TLS certificate is required |
+| [tlsa_expire_interval](/momentum/4/config/ref-tlsa-expire-interval) | how often to check for domains with expired DANE TLSA information |
 | [trace_smtp_mode](/momentum/4/config/ref-trace-smtp-mode) | set the default permissions of trace files |
 | [tracking_domain](/momentum/4/config/tracking-domain) | set the tracking domain to use for engagement tracking in SMTP injections |
 | [tracking_link_expiry](/momentum/4/config/tracking-link-expiry) | set the expiration time for engagement tracking for SMTP injections |

diff --git a/content/momentum/4/config/ref-tlsa-expire-interval.md b/content/momentum/4/config/ref-tlsa-expire-interval.md
@@ -0,0 +1,24 @@
+---
+lastUpdated: "03/26/2024"
+title: "tlsa_expire_interval"
+description: "tlsa expire interval how often to check for domains with expired DANE TLSA record information dns tlsa expire interval"
+---
+
+<a name="conf.ref.tlsa_expire_interval"></a> 
+## Name
+
+tlsa_expire_interval — how often to check for domains with expired DANE TLSA information
+
+## Synopsis
+
+`tlsa_expire_interval = 120`
+
+## Description
+
+How often the garbage collector should check for domains with expired DANE TLSA record entries and remove them.  This information is normally refreshed during regular DNS record refresh, but if domains have not been used in a long time, this will remove those unneeded entries.
+
+The default is `3600` seconds.
+
+## Scope
+
+`tlsa_expire_interval` is valid in the global scope.