On 2018-03-17 at 15:00 +0000, Jeremy Harris via Exim-dev wrote:
> > Enabling DMARC without enabling
> > SPF led to a build failure almost at the very end.
>
> Compile-time or link-time failure? Do you think we need
> a specific check early in the build?
I think it was compile-time, but am not 100% sure. I did also have a
link-time failure, but that was my fault and led to my commit to
openssl.txt: the EXPERIMENTAL_DMARC coming above the TLS config meant
that using `LDFLAGS=` instead of `LDFLAGS+=` stomped on the DMARC
library. Oops.
Shame there's no `.pc` file for opendmarc.
Oh: any preferences around OpenSSL 1.1.X for exim.org box? We currently
"drink our own champagne" when it comes to advice around OpenSSL
libraries and deprecation, with 1.0.2n in /opt/openssl/.
I'm tentatively thinking that we can wait for OpenSSL 1.1.1 to reach
Beta status, then have /opt/openssl111/ for that, and have port-25 Exim
use 1.0.2 and port-26 Exim use 1.1.1, just skipping 1.1.0 entirely. But
I've not been doing the recent maintenance work on TLS in Exim, you
have, so I'll (probably) defer to your preference here.
-Phil
