Re: OpenDKIM 2.9.0 Beta1: 2 open points

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Tue, 3 Dec 2013 15:59:06 -0800 (PST)

On Tue, 3 Dec 2013, Andreas Schulze wrote:
> RFC 5617 / ADSP is changed to Historic state. There are many pieces of code
> still handling ADSP in opendkim.
> Removing that code should not be done in 2.9.x
>
> I also know that many peaple dislike changed default setting. But I would
> like to see it mentioned
> in the release notes together with a clear suggestion how to disable adsp:
> manually add "DisableADSP yes"

I'm planning to drop ADSP support in 2.10 or 3.0, whichever comes first.
There will be no changes in 2.9,0; we entered Beta long before that
decision was finalized.

> 2.
> An other point I found yesterday: ldap via SSL. To use ldaps I have to tell
> the ldap library which certs are trusted. This may be done in a file
> ~/.ldaprc or /etc/ldap/ldap.conf (see man 5 ldap.conf) But there are other
> option too.
> Postfix for example has code to set virtually any ldap parameter in a
> consistent way, exactly like any other postfix option. But that would be
> unnecessary here. I prefer a simpler solution: A config setting to point
> opendkim to a ldaprc. This File is exported into a environment "LDAPRC" used
> by opendkim. That way we could specify any ldap setting in a configuration
> file dedicated to opendkim. Dovecot, the IMAP-Server, solved the problem
> similar.
>
> I attach a patch to demonstrate the function (the real part in pseudocode
> only)...

The patch sets an environment variable that, I presume, is made available
to and used by libldap. Wouldn't it be easier or more preferable to do
that in opendkim.sh?

-MSK
Received on Tue Dec 03 2013 - 23:59:42 PST

This archive was generated by hypermail 2.3.0 : Wed Dec 04 2013 - 00:09:01 PST