Additional configuration override for sysklogd

Scott Kitterman ubuntu at
Tue Jan 13 20:14:12 GMT 2009

On Tue, 13 Jan 2009 11:29:09 -0800 Kees Cook <kees at> wrote:
>On Tue, Jan 13, 2009 at 10:54:08AM -0500, Scott Kitterman wrote:
>> The first thing I'm trying to do is update the dkim-milter package to 
>> against a DNSSEC capable resolver (upstream now supports using the 
>> package for this is a new upstream not yet packaged).
>I take it that glibc isn't?  What about using bind9 directly?

The dkim-milter can:

1. Just use whstever the system uses.
2. Use it's own resolver lib (arlib) - what it does now.
3. Use Unbound and integrate with DNSSEC.

So Unbound is the only supported config for DNSSEC.  I don't have any good 
way to test DNSSEC right now, so my plan is to get the config to be what 
upstream supports and depend on their testing.

I did also coordinate  the switch to unbound with the Debian maintainer and 
he's happy to adopt the change if I can make it work.

Scott K

More information about the ubuntu-devel mailing list