On 18/03/18 03:05, Phil Pennock wrote: > On 2018-03-17 at 15:00 +0000, Jeremy Harris via Exim-dev wrote: >>> Enabling DMARC without enabling >>> SPF led to a build failure almost at the very end. >> >> Compile-time or link-time failure? Do you think we need >> a specific check early in the build? > > I think it was compile-time, but am not 100% sure. I did also have a > link-time failure, but that was my fault and led to my commit to > openssl.txt: the EXPERIMENTAL_DMARC coming above the TLS config meant > that using `LDFLAGS=` instead of `LDFLAGS+=` stomped on the DMARC > library. Oops. > > Shame there's no `.pc` file for opendmarc. > > Oh: any preferences around OpenSSL 1.1.X for exim.org box? We currently > "drink our own champagne" when it comes to advice around OpenSSL > libraries and deprecation, with 1.0.2n in /opt/openssl/.
Anything "reasonably recent" on the main-use is fine. Heading towards the bleeding edge is valuable for shaking out problems, but does mean effort (probably for you). > I'm tentatively thinking that we can wait for OpenSSL 1.1.1 to reach > Beta status, then have /opt/openssl111/ for that, and have port-25 Exim > use 1.0.2 and port-26 Exim use 1.1.1, just skipping 1.1.0 entirely. That's fine by me. We'd want to move the main-use to 1.1.1 after that went official, and after we'd had enough testing done on the port-26. In other news, I finally got DKIM Ed25519 working with 1.1.1 last night. That code will be in RC2. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
