On Dec 9, 2013, at 6:04 AM, Derek Atkins <warl...@mit.edu> wrote: > John Ralls <jra...@ceridwen.us> writes: > >> On Dec 6, 2013, at 7:32 AM, Derek Atkins <warl...@mit.edu> wrote: >> >>> Hey, all, >>> >>> I just wanted to let people know that I'm considering turning up the >>> DKIM validation knob on incoming mail to the gnucash server. In >>> particular I plan to have the mail server discard mail that fails DKIM >>> signature validation, and I'm debating turning on ADSPDiscard, although >>> if I do this I probably need to get it to ignore local mail. >>> >>> This is after a conversion I had yesterday with an admin at apple.com >>> based on a mailman bounce to a forged address that got sent up to >>> spamcop. >>> >>> Please let me know your thoughts. >> >> My understanding of that is that it will result only in dropping mail >> which lacks a DKIM signature but the supposed source domain's DNS >> record says that it should be signed and that unsigned mail should be >> discarded. Do you really see that much traffic meeting those >> conditions? > > Looking at the particular resources involved it wouldn't have stopped > the apple.com mail from arriving; they don't specify to drop unsigned > email! So it wouldn't have even helped here. :-/ > > Still, it's led me to the desire to upgrade code to a newer OS (it's > 2-1/2 years out of date). My plan is to work on that over the Xmas/New > Years holiday breaks. I've got 5 blocks of 2-day breaks between the > 20th and 6th where I plan to install a new system and hopefully migrate > the existing code services.
OK, as long as there aren't any interruptions until after the 2.6 release! Regards, John Ralls _______________________________________________ gnucash-devel mailing list gnucash-devel@gnucash.org https://lists.gnucash.org/mailman/listinfo/gnucash-devel
