FS#62867 - [exim] Enable DMARC and ARC support
Attached to Project:
Community Packages
Opened by Chris (cimnine) - Monday, 10 June 2019, 16:11 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:07 GMT
Opened by Chris (cimnine) - Monday, 10 June 2019, 16:11 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:07 GMT
|
Details
Exim 4.92 has experimental support for DMARC and for ARC,
but it's not enabled in Arch Linux. What is the policy for
enabling experimental features? Could it be enabled?
For DMARC it would be setting `EXPERIMENTAL_DMARC` [0][1]. The main dependency, Opendmarc, is already packaged for Arch. `EXPERIMENTAL_ARC` support [2] does not depend on anything and could be enabled right away. [0] https://github.com/Exim/exim/blob/exim-4.92/doc/doc-txt/experimental-spec.txt#L393 [1] https://github.com/Exim/exim/blob/exim-4.92/src/src/EDITME#L481-L486 [2] https://github.com/Exim/exim/blob/exim-4.92/src/src/EDITME#L488-L490 |
This task depends upon
Closed by Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:07 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/exim/issues/1
Saturday, 25 November 2023, 20:07 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/exim/issues/1
FS#63812CVE-2019-16378 is resolved.As of 4.93 upstream DMARC support is considered stable. I think it should be brought downstream to the Arch builds by default.
The CVE issue in opendmarc linked in comments above has also been fixed.
Have you encountered any issues during your testing of the feature with the modified package?
The 0002.patch deals with the toggling of the necessary options in the build configuration file, introduces the new dependencies required in the PKGBUILD (opendmarc, publicsuffix-list) and takes care of applying a patch to fix building with newer versions of openDMARC.
The 0001.patch was picked up from https://src.fedoraproject.org/rpms/exim/blob/rawhide/f/exim-4.96-opendmarc-1.4-build-fix.patch and is mandatory to get Exim to build with openDMARC v1.4.
This was already patched upstream in the master branch, however Fedora's patch is slightly less clumsy than that one, this shouldn't be an issue.
Here's the correct link to the 0002.patch: https://bugs.archlinux.org/index.php?getfile=22895
I screwed up the first upload and now I can't delete it anymore, sigh.
The patches don't deal with ARC support as it seems like it's still marked as experimental.
Recently upstream has setup a new branch "exim-4.96+fixes" which among things has fixed building Exim with OpenDMARC in its newer versions.
You can find the announcement here: https://lists.exim.org/lurker/message/20230728.125608.fea08054.en.html
I think that as long as a newer version of Exim hasn't been released the exim package should move to that branch.
EDIT: Oh, btw the enablement of some opendmarc flags in the exim.Makefile is still required, including the new publicsuffix-list dependency. These can be picked up from the patches I attached above.