Provided by: libmail-dkim-perl_1.20230212-1_all bug

NAME

       Mail::DKIM::DkimPolicy - represents a DKIM Sender Signing Practices record

VERSION

       version 1.20230212

DESCRIPTION

       The Sender Signing Practices (SSP) record can be published by any domain to help a
       receiver know what to do when it encounters an unsigned message claiming to originate from
       that domain.

       The record is published as a DNS TXT record at _policy._domainkey.DOMAIN where DOMAIN is
       the domain of the message's "From" address.

       This record format has been superceded by ADSP. See Mail::DKIM::AuthorDomainPolicy for
       information about ADSP.  It is implemented here because at one time it appeared this is
       what would be standardized by the IETF. It will be removed from Mail::DKIM at some point
       in the future.  The last version of the SSP specification can be found at
       <http://tools.ietf.org/html/draft-ietf-dkim-ssp-02>.

CONSTRUCTORS

   fetch()
       Lookup a DKIM signing practices record.

         my $policy = Mail::DKIM::DkimPolicy->fetch(
                   Protocol => 'dns',
                   Author => 'jsmith@example.org',
                 );

   new()
       Construct a default policy object.

         my $policy = Mail::DKIM::DkimPolicy->new;

METHODS

   apply()
       Apply the policy to the results of a DKIM verifier.

         my $result = $policy->apply($dkim_verifier);

       The caller must provide an instance of Mail::DKIM::Verifier, one which has already been
       fed the message being verified.

       Possible results are:

       accept
           The message is approved by the sender signing policy.

       reject
           The message is rejected by the sender signing policy.  It can be considered very
           suspicious.

       neutral
           The message is neither approved nor rejected by the sender signing policy. It can be
           considered somewhat suspicious.

   flags()
       Get or set the flags (t=) tag.

       A colon-separated list of flags. Flag values are:

       y   The entity is testing signing practices, and the Verifier SHOULD NOT consider a
           message suspicious based on the record.

       s   The signing practices apply only to the named domain, and not to subdomains.

   is_implied_default_policy()
       Is this policy implied?

         my $is_implied = $policy->is_implied_default_policy;

       If you fetch the policy for a particular domain, but that domain does not have a policy
       published, then the "default policy" is in effect. Use this method to detect when that
       happens.

   location()
       Where the policy was fetched from.

       If the policy is domain-wide, this will be domain where the policy was published.

       If the policy is user-specific, TBD.

       If nothing is published for the domain, and the default policy was returned instead, the
       location will be "undef".

   policy()
       Get or set the outbound signing policy (dkim=) tag.

         my $sp = $policy->policy;

       Outbound signing policy for the entity. Possible values are:

       "unknown"
           The default. The entity may sign some or all email.

       "all"
           All mail from the entity is signed.  (The DKIM signature can use any domain, not
           necessarily matching the From: address.)

       "strict"
           All mail from the entity is signed with Originator signatures.  (The DKIM signature
           uses a domain matching the From: address.)

   signall()
       True if policy is "all".

   signall_strict()
       True if policy is "strict".

   testing()
       Checks the testing flag.

         my $testing = $policy->testing;

       If nonzero, the testing flag is set on the signing policy, and the verify should not
       consider a message suspicious based on this policy.

BUGS

       •   If a sender signing policy is not found for a given domain, the fetch() method should
           search the parent domains, according to section 4 of the dkim-ssp Internet Draft.

AUTHORS

       •   Jason Long <jason@long.name>

       •   Marc Bradshaw <marc@marcbradshaw.net>

       •   Bron Gondwana <brong@fastmailteam.com> (ARC)

THANKS

       Work on ensuring that this module passes the ARC test suite was generously sponsored by
       Valimail (https://www.valimail.com/)

COPYRIGHT AND LICENSE

       •   Copyright (C) 2013 by Messiah College

       •   Copyright (C) 2010 by Jason Long

       •   Copyright (C) 2017 by Standcore LLC

       •   Copyright (C) 2020 by FastMail Pty Ltd

       This library is free software; you can redistribute it and/or modify it under the same
       terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of
       Perl 5 you may have available.