Mail::DKIM::DkimPolicy(3)
NAME
Mail::DKIM::DkimPolicy - represents a DKIM Sender Signing Practices
record
DESCRIPTION
The Sender Signing Practices (SSP) record can be published by any
domain to help a receiver know what to do when it encounters an
unsigned message claiming to originate from that domain.
The record is published as a DNS TXT record at
_policy._domainkey.DOMAIN where DOMAIN is the domain of the message's
"From" address.
This record format has been superceded by ADSP. See
Mail::DKIM::AuthorDomainPolicy for information about ADSP. It is
implemented here because at one time it appeared this is what would be
standardized by the IETF. It will be removed from Mail::DKIM at some
point in the future. The last version of the SSP specification can be
found at <http://tools.ietf.org/html/draft-ietf-dkim-ssp-02>.
CONSTRUCTORS
fetch()
Lookup a DKIM signing practices record.
my $policy = Mail::DKIM::DkimPolicy->fetch(
Protocol => 'dns',
Author => 'jsmith@example.org',
);
new()
Construct a default policy object.
my $policy = Mail::DKIM::DkimPolicy->new;
METHODS
apply()
Apply the policy to the results of a DKIM verifier.
my $result = $policy->apply($dkim_verifier);
The caller must provide an instance of Mail::DKIM::Verifier, one which
has already been fed the message being verified.
Possible results are:
accept
The message is approved by the sender signing policy.
reject
The message is rejected by the sender signing policy. It can be
considered very suspicious.
neutral
The message is neither approved nor rejected by the sender signing
policy. It can be considered somewhat suspicious.
flags()
Get or set the flags (t=) tag.
A colon-separated list of flags. Flag values are:
y The entity is testing signing practices, and the Verifier SHOULD
NOT consider a message suspicious based on the record.
s The signing practices apply only to the named domain, and not to
subdomains.
is_implied_default_policy()
Is this policy implied?
my $is_implied = $policy->is_implied_default_policy;
If you fetch the policy for a particular domain, but that domain does
not have a policy published, then the "default policy" is in effect.
Use this method to detect when that happens.
location()
Where the policy was fetched from.
If the policy is domain-wide, this will be domain where the policy was
published.
If the policy is user-specific, TBD.
If nothing is published for the domain, and the default policy was
returned instead, the location will be "undef".
policy()
Get or set the outbound signing policy (dkim=) tag.
my $sp = $policy->policy;
Outbound signing policy for the entity. Possible values are:
"unknown"
The default. The entity may sign some or all email.
"all"
All mail from the entity is signed. (The DKIM signature can use
any domain, not necessarily matching the From: address.)
"strict"
All mail from the entity is signed with Originator signatures.
(The DKIM signature uses a domain matching the From: address.)
signall()
True if policy is "all".
signall_strict()
True if policy is "strict".
testing()
Checks the testing flag.
my $testing = $policy->testing;
If nonzero, the testing flag is set on the signing policy, and the
verify should not consider a message suspicious based on this policy.
BUGS
o If a sender signing policy is not found for a given domain, the
fetch() method should search the parent domains, according to
section 4 of the dkim-ssp Internet Draft.
AUTHOR
Jason Long, <jlong@messiah.edu>
COPYRIGHT AND LICENSE
Copyright (C) 2006-2007 by Messiah College
This library is free software; you can redistribute it and/or modify it
under the same terms as Perl itself, either Perl version 5.8.6 or, at
your option, any later version of Perl 5 you may have available.
perl v5.24.3 2017-12-16 Mail::DKIM::DkimPolicy(3)
mail-dkim 0.500.0 - Generated Fri Jan 5 16:02:42 CST 2018