Additional configuration override for sysklogd
ubuntu at kitterman.com
Tue Jan 13 20:14:12 GMT 2009
On Tue, 13 Jan 2009 11:29:09 -0800 Kees Cook <kees at ubuntu.com> wrote:
>On Tue, Jan 13, 2009 at 10:54:08AM -0500, Scott Kitterman wrote:
>> The first thing I'm trying to do is update the dkim-milter package to
>> against a DNSSEC capable resolver (upstream now supports using the
>> package for this is a new upstream not yet packaged).
>I take it that glibc isn't? What about using bind9 directly?
The dkim-milter can:
1. Just use whstever the system uses.
2. Use it's own resolver lib (arlib) - what it does now.
3. Use Unbound and integrate with DNSSEC.
So Unbound is the only supported config for DNSSEC. I don't have any good
way to test DNSSEC right now, so my plan is to get the config to be what
upstream supports and depend on their testing.
I did also coordinate the switch to unbound with the Debian maintainer and
he's happy to adopt the change if I can make it work.
More information about the ubuntu-devel