Geert Hendrickx

icon indicating a website link https://geert.hendrickx.be/ icon indicating an email [email protected]

icon location Belgium

Results 26 comments of Geert Hendrickx

Consider making ECDSA (p-256) the default certificate type

You can still request RSA certificates for legacy applications where needed, this shouldn't hold a better default for everyone else.

Use a functional test for OpenSSL ed25519 support

They're not identical, mine takes into account older openssl versions not supporting `genpkey` (but returning 0).

Use a functional test for OpenSSL ed25519 support

You overlooked my second commit https://github.com/trusteddomainproject/OpenDKIM/pull/135/commits/ce8a278f9708714fceb016e97859439417cf119d.

Add RequiredFrom option to opendmarc.conf

See https://github.com/trusteddomainproject/OpenDMARC/issues/202 which applies to this PR as well.

When RequiredHeaders rejects a message, reply with the reason to do so.

A message is now rejected with (for example) `550 5.7.1 RFC5322 requirement error: not exactly one Date field` instead of previously: `550 5.7.1 Command rejected`

Upgrade to OpenSSL 3

See also https://github.com/trusteddomainproject/OpenDKIM/pull/135.