NAME

Mail::DKIM::DkimPolicy - implements DKIM Sender Signing Practices records

CONSTRUCTORS

fetch() - lookup a DKIM signing practices record

my $policy = Mail::DKIM::DkimPolicy->fetch(
          Protocol => "dns",
          Author => 'jsmith@example.org',
        );

new() - construct a default policy object

my $policy = Mail::DKIM::DkimPolicy->new;

METHODS

apply() - apply the policy to the results of a DKIM verifier

my $result = $policy->apply($dkim_verifier);

The caller must provide an instance of Mail::DKIM::Verifier, one which has already been fed the message being verified.

Possible results are:

accept

The message is approved by the sender signing policy.

reject

The message is rejected by the sender signing policy. It can be considered very suspicious.

neutral

The message is neither approved nor rejected by the sender signing policy. It can be considered somewhat suspicious.

flags() - get or set the flags (t=) tag

A colon-separated list of flags. Flag values are:

y

The entity is testing signing practices, and the Verifier SHOULD NOT consider a message suspicious based on the record.

s

The signing practices apply only to the named domain, and not to subdomains.

is_implied_default_policy() - is this policy implied?

my $is_implied = $policy->is_implied_default_policy;

If you fetch the policy for a particular domain, but that domain does not have a policy published, then the "default policy" is in effect. Use this method to detect when that happens.

location() - where the policy was fetched from

If the policy is domain-wide, this will be domain where the policy was published.

If the policy is user-specific, TBD.

If nothing is published for the domain, and the default policy was returned instead, the location will be undef.

policy() - get or set the outbound signing policy (dkim=) tag

my $sp = $policy->policy;

Outbound signing policy for the entity. Possible values are:

unknown

The default. The entity may sign some or all email.

all

All mail from the entity is signed. (The DKIM signature can use any domain, not necessarily matching the From: address.)

strict

All mail from the entity is signed with Originator signatures. (The DKIM signature uses a domain matching the From: address.)

signall() - true if policy is "all"

signall_strict() - true if policy is "strict"

testing() - checks the testing flag

my $testing = $policy->testing;

If nonzero, the testing flag is set on the signing policy, and the verify should not consider a message suspicious based on this policy.

BUGS

  • If a sender signing policy is not found for a given domain, the fetch() method should search the parent domains, according to section 4 of the dkim-ssp Internet Draft.

AUTHOR

Jason Long, <jlong@messiah.edu>

COPYRIGHT AND LICENSE

Copyright (C) 2006-2007 by Messiah College

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.