mail::dkim::dkimpolicy(3s)
NAME
Mail::DKIM::DkimPolicy - represents a DKIM Sender Signing Practices
record
DESCRIPTION
The Sender Signing Practices (SSP) record can be published by any
domain to help a receiver know what to do when it encounters an
unsigned message claiming to originate from that domain.
The record is published as a DNS TXT record at _policy._domainkey.DOMAIN where DOMAIN is the domain of the message's
"From" address.
This record format has been superceded by ADSP. See Mail::DKIM::AuthorDomainPolicy for information about ADSP. It is implemented here
because at one time it appeared this is what would be standardized by
the IETF. It will be removed from Mail::DKIM at some point in the
future. The last version of the SSP specification can be found at
<http://tools.ietf.org/html/draft-ietf-dkim-ssp-02>.
CONSTRUCTORS
fetch()
- Lookup a DKIM signing practices record.
- my $policy = Mail::DKIM::DkimPolicy->fetch(
Protocol => "dns",
Author => 'jsmith@example.org', - );
- new()
- Construct a default policy object.
my $policy = Mail::DKIM::DkimPolicy->new;
METHODS
apply()
- Apply the policy to the results of a DKIM verifier.
- my $result = $policy->apply($dkim_verifier);
- The caller must provide an instance of Mail::DKIM::Verifier, one which has already been fed the message being verified.
- Possible results are:
- accept
- The message is approved by the sender signing policy.
- reject
- The message is rejected by the sender signing policy. It can be
considered very suspicious. - neutral
- The message is neither approved nor rejected by the sender signing policy. It can be considered somewhat suspicious.
- flags()
- Get or set the flags (t=) tag.
- A colon-separated list of flags. Flag values are:
- y The entity is testing signing practices, and the Verifier SHOULD
- NOT consider a message suspicious based on the record.
- s The signing practices apply only to the named domain, and not to
- subdomains.
- is_implied_default_policy()
- Is this policy implied?
my $is_implied = $policy->is_implied_default_policy;- If you fetch the policy for a particular domain, but that domain does
not have a policy published, then the "default policy" is in effect.
Use this method to detect when that happens. - location()
- Where the policy was fetched from.
- If the policy is domain-wide, this will be domain where the policy was published.
- If the policy is user-specific, TBD.
- If nothing is published for the domain, and the default policy was
returned instead, the location will be "undef". - policy()
- Get or set the outbound signing policy (dkim=) tag.
my $sp = $policy->policy;- Outbound signing policy for the entity. Possible values are:
- "unknown"
- The default. The entity may sign some or all email.
- "all"
- All mail from the entity is signed. (The DKIM signature can use
any domain, not necessarily matching the From: address.) - "strict"
- All mail from the entity is signed with Originator signatures.
(The DKIM signature uses a domain matching the From: address.) - signall()
- True if policy is "all".
- signall_strict()
- True if policy is "strict".
- testing()
- Checks the testing flag.
my $testing = $policy->testing;- If nonzero, the testing flag is set on the signing policy, and the verify should not consider a message suspicious based on this policy.
BUGS
- o If a sender signing policy is not found for a given domain, the
- fetch() method should search the parent domains, according to section 4 of the dkim-ssp Internet Draft.
AUTHOR
Jason Long, <jlong@messiah.edu>
COPYRIGHT AND LICENSE
Copyright (C) 2006-2007 by Messiah College
- This library is free software; you can redistribute it and/or modify it
under the same terms as Perl itself, either Perl version 5.8.6 or, at
your option, any later version of Perl 5 you may have available.