DKIM

This plugin implements DKIM lookups as described by the RFC 4871, as well as historical DomainKeys lookups, as described by RFC 4870, thanks to the support for both types of signatures by newer versions of module Mail::DKIM.

Tags

  _DKIMIDENTITY_ Agent or User Identifier (AUID) (the 'i' tag) from valid signatures;
  _DKIMDOMAIN_ Signing Domain Identifier (SDID) (the 'd' tag) from valid signatures;

Identities and domains from signatures which failed verification are not included in these tags. Duplicates are eliminated (e.g. when there are two or more valid signatures from the same signer, only one copy makes it into a tag). Note that there may be more than one signature in a message - currently they are provided as a space-separated list, although this behaviour may change.

Tests

Area Test name Description Default scores
header USER_IN_DKIM_WELCOMELIST From: address is in the user's DKIM whitelist -100.000
header USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list -7.500
full DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.1
full DKIM_VALID Message has at least one valid DKIM or DK signature -0.1
full DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1
header DKIM_ADSP_NXDOMAIN No valid author signature and domain not in DNS 0 0.8 0 0.9
header DKIM_ADSP_DISCARD No valid author signature, domain signs all mail and suggests discarding the rest 0 1.8 0 1.8
header DKIM_ADSP_ALL No valid author signature, domain signs all mail 0 1.1 0 0.8
header DKIM_ADSP_CUSTOM_LOW No valid author signature, adsp_override is CUSTOM_LOW 0.001
header DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is CUSTOM_MED 0.001
header DKIM_ADSP_CUSTOM_HIGH No valid author signature, adsp_override is CUSTOM_HIGH 0.001
full DKIM_VERIFIED eval:check_dkim_valid() 1
header DKIM_POLICY_TESTING eval:check_dkim_testing() 1
header DKIM_POLICY_SIGNSOME eval:check_dkim_signsome() 1
header DKIM_POLICY_SIGNALL eval:check_dkim_signall() 1

Related Pages