Re: "unprotected key" with DNSSEC
On 2016-08-31 22:48, SM wrote:
> I haven't read that part of the code recently. It is not optimal to
> do a check as the file contents rarely change.
postfix does not need a anchor file to send to dane_only domains, so why
does opendkim need one ?
design fails imho
but i think its still good that opendkim can have its own if dnsservers
does not support dnssec, then opendkim can do its job on its own, in
that case the anchor is needed in opendkim, else its waste of resources,
and possible one runs with outdated anchor
i will not make that fail here
Received on Wed Aug 31 2016 - 22:10:33 PST
This archive was generated by hypermail 2.3.0
: Wed Aug 31 2016 - 22:18:01 PST