Mail::SpamAssassin::Plugin::DKIM - perform DKIM verification tests


 loadplugin Mail::SpamAssassin::Plugin::DKIM [/path/to/]
 full DOMAINKEY_DOMAIN eval:check_dkim_verified()


This SpamAssassin plugin implements DKIM lookups, as described by the current draft specs:

It requires the Mail::DKIM CPAN module to operate. Many thanks to Jason Long for that module.


Mail::DKIM, Mail::SpamAssassin::Plugin


dkim_timeout n (default: 5)
How many seconds to wait for a DKIM query to complete, before scanning continues without the DKIM result.

whitelist_from_dkim [identity]
Use this to supplement the whitelist_from addresses with a check to make sure the message has been signed by a Domain Keys Identified Mail (DKIM) signature that can be verified against the From: domain's DKIM public key.

In order to support optional identities, only one whitelist entry is allowed per line, exactly like whitelist_from_rcvd. Multiple whitelist_from_dkim lines are allowed. File-glob style meta characters are allowed for the From: address, just like with whitelist_from_rcvd. The optional identity parameter must match from the right-most side, also like in whitelist_from_rcvd.

If no identity parameter is specified the domain of the address parameter specified will be used instead.

The From: address is obtained from a signed part of the message (ie. the ``From:'' header), not from envelope data that is possible to forge.

Since this whitelist requires an DKIM check to be made, network tests must be enabled.


  whitelist_from_dkim *

def_whitelist_from_dkim [identity]
Same as whitelist_from_dkim, but used for the default whitelist entries in the SpamAssassin distribution. The whitelist score is lower, because these are often targets for spammer spoofing.