Hello,
I have noticed some “insecure key” and “insecure policy” in my
Authentication-Results headers. This is what I found in
opendkim.conf(5):
InsecureKey (string)
Instructs the filter to treat a passing signature associated with an insecure key in a
special way. Possible values are neutral (return a "neutral" result), none (take no spe‐
cial action; this is the default) and fail (return a "fail" result).
InsecurePolicy (string)
Instructs the filter to treat an ADSP policy found in an insecure DNS record in a special
way. Possible values are apply (apply the policy; this is the default) and ignore
(ignore the policy).
However, I could not find what was an insecure key and an insecure DNS
record. Grepping the source code, I guess that this means that the key
or the policy DNS record is not DNSSEC'ed. If this is right, may I
prepare a patch against the manpage?
--
Tanguy Ortolo
Received on Mon Mar 28 2011 - 14:13:46 PST