Re: Need Feedback for Add'l Directives for RPM Conf

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Tue, 8 Jan 2013 13:43:08 -0800 (PST)

On Tue, 8 Jan 2013, Steve Jenkins wrote:
> I used yum to install OpenDKIM on the new server, and when comparing the
> default opendkim.conf file to the one on an existing mail server in our
> network, I noticed these additional directives on the old server that I'm not
> currently including in the default conf in the RPM:
>
> # Custom Directives
> AutoRestart             Yes
> AutoRestartRate         10/1h
> SignatureAlgorithm      rsa-sha256
> TemporaryDirectory      /var/tmp
>
> I'm thinking I should include all four of these in the RPM's default conf
> file, but comment out both the AutoRestart ones (so that users can make sure
> everything's working OK before allowing AutoRestart to spawn multiple
> instances... which I've done when things are misconfigured during testing).
>
> Thoughts?

If the installed OpenSSL is at least 0.9.8, rsa-sha256 is the default
anyway.

The TemporaryDirectory default seems to contradict typical Linux practice
for use of /var/tmp vs. /tmp as far as I recall. In fact this was changed
to /tmp for this reason in 2.7.0. I forget who it was that pushed for
this and there wasn't a bug opened; maybe someone else can refresh my
memory?

I don't know who decided on the auto restart settings, but they seem
reasonable.

-MSK
Received on Tue Jan 08 2013 - 21:43:26 PST

This archive was generated by hypermail 2.3.0 : Tue Jan 08 2013 - 21:45:01 PST