NAME

Mail::SpamAssassin::Plugin::DomainKeys - perform DomainKeys verification tests

SYNOPSIS

 loadplugin Mail::SpamAssassin::Plugin::DomainKeys [/path/to/DomainKeys.pm]

Signature: header DK_SIGNED eval:check_domainkeys_signed() header DK_VERIFIED eval:check_domainkeys_verified()

Policy: Note that DK policy record is only fetched if DK_VERIFIED is false to save signing domain from unnecessary DNS queries, as recommended (SHOULD) by draft-delany-domainkeys-base. Rules DK_POLICY_* should preferably not be relied upon when DK_VERIFIED is true, although they will return false in current implementation when a policy record is not fetched, except for DK_POLICY_TESTING, which is true if t=y appears in a public key record OR in a policy record (when available). header DK_POLICY_TESTING eval:check_domainkeys_testing() header DK_POLICY_SIGNSOME eval:check_domainkeys_signsome() header DK_POLICY_SIGNALL eval:check_domainkeys_signall()

Whitelisting based on verified signature: header USER_IN_DK_WHITELIST eval:check_for_dk_whitelist_from() header USER_IN_DEF_DK_WL eval:check_for_def_dk_whitelist_from()

DESCRIPTION

This is the DomainKeys plugin and it needs lots more documentation.

USER SETTINGS

domainkeys_timeout n (default: 5)

How many seconds to wait for a DomainKeys query to complete, before scanning continues without the DomainKeys result.

whitelist_from_dk add@ress.com [signing domain name]

Use this to supplement the whitelist_from addresses with a check to make sure the message has been signed by a DomainKeys signature that can be verified against the From: domain's DomainKeys public key.

In order to support signing domain names that differ from the address domain name, only one whitelist entry is allowed per line, exactly like whitelist_from_rcvd. Multiple whitelist_from_dk lines are allowed. File-glob style meta characters are allowed for the From: address, just like with whitelist_from_rcvd. The optional signing domain name parameter must match from the right-most side, also like in whitelist_from_rcvd.

If no signing domain name parameter is specified the domain of the address parameter specified will be used instead.

The From: address is obtained from a signed part of the message (ie. the "From:" header), not from envelope data that is possible to forge.

Since this whitelist requires a DomainKeys check to be made, network tests must be enabled.

Examples:

  whitelist_from_dk joe@example.com
  whitelist_from_dk *@corp.example.com

  whitelist_from_dk bob@it.example.net  example.net
  whitelist_from_dk *@eng.example.net   example.net

def_whitelist_from_dk add@ress.com [signing domain name]

Same as whitelist_from_dk, but used for the default whitelist entries in the SpamAssassin distribution. The whitelist score is lower, because these are often targets for spammer spoofing.

1 POD Error

The following errors were encountered while parsing the POD:

Around line 99:: =over without closing =back

To install Mail::SpamAssassin, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Mail::SpamAssassin

CPAN shell

perl -MCPAN -e shell
install Mail::SpamAssassin

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

SYNOPSIS

DESCRIPTION

USER SETTINGS

Module Install Instructions