Hello,
it's a few days to 2019 and the default, non-experimental configuration
options for Exim are still w/o SPF, DMARC or ARC (can of worms if I ever
saw one) for that matter.
Given that this ML is clearly run by an Exim build that has all of these
enabled, the question is, why?
DKIM is in there, but of very limited utility by itself at this point in
time.
No DMARC to be had via SpamAssassin either, so that easy way out isn't
present as well.
And I don't see the Debian maintainers turning these things on even in the
exim-daemon-heavy package either while they're "EXPERIMENTAL".
Aside from being lazy the usual answer of "compile it yourself" means
potentially critical delays when it comes to security updates, so I'm
asking what's stopping these things from becoming non-experimental?
If nothing else, more exposure by being easily accessible/configurable
will help polish these features.
Note that I'm no fan of any of the above schemes, but that lemmings train
seems to have come and gone.
Regards,
Christian
--
Christian Balzer Network/Systems Engineer
chibi@??? Rakuten Communications