On Saturday, June 14, 2014 11:51:03 AM Kurt Roeckx wrote: > Package: opendkim > Version: 2.9.2-1 > Severity: important > > It seems that opendkim has support for DNSSEC, is compiled with > unbound, but the default config does not enable DNSSEC.
It looks like DNSSEC needs both a defined trust anchor and unbound (the application, not just the library) installed to work. I don't think it's feasible to enable it by default, but I did add unbound to suggests and update the shipped config file to include a commented out entry about this to make it easy to enable for those that have DNSSEC. I think that's as fixed as this can reasonably get. Scott K
signature.asc
Description: This is a digitally signed message part.
