Attached is a simple DKIM signature checking plugin. Prints the results to the log and as a header in the message
-- Matthew Harrell I love defenseless animals, Bit Twiddlers, Inc. especially in a good gravy. [EMAIL PROTECTED]
=head1 NAME dkimcheck -- Check the DKIM / DomainKeys signatures in a message =head1 DESCRIPTION If an incoming message has a DKIM signature then this plugin will check the validify of the message and report the results as a header in the mail message =head1 CONFIG None needed right now =head1 TODO Add check for DomainKeys Add in ability to reject messages that fail the check =cut use strict; use Mail::DKIM; use Mail::DKIM::Verifier; sub hook_data_post { my ($self, $transaction) = @_; # if this isn't signed, just move along return DECLINED unless $transaction->header->get( 'DKIM-Signature' ); my $dkim = new Mail::DKIM::Verifier; # take all the headers, reformat them to eliminate cr/lf and push into # dkim. dkim seems particular about the cr/lf # my %hdrs = %{ $transaction->header->header_hashref() }; foreach my $key ( keys %hdrs ) { my $val = join ( "", @{$hdrs{$key}} ); $val =~ s/[\n\r]//g; # $self->log ( LOGNOTICE, "Hdr: " . $key . ": " . $val ); $dkim->PRINT ( $key . ": " . $val . "\x0D\x0A" ); } # push the body of the message on ensuring the cr/lf are correct # $transaction->body_resetpos; while ( my $line = $transaction->body_getline ) { chomp ( $line ); $line =~ s/\015$//; # $self->log ( LOGNOTICE, "Body: " . $line ); $dkim->PRINT ( $line . "\x0D\x0A" ); } $dkim->CLOSE; # get the key policy - need to act on this # my $policy = $dkim->fetch_author_policy; my $policy_result = $policy->apply ( $dkim ); # print the result # $transaction->header->replace ( "X-DKIM-Authentication: ", "domain: " . $dkim->signature->domain . ", selector: " . $dkim->signature->selector . ", result: " . $dkim->result_detail . ", policy: " . $policy_result ); $self->log ( LOGNOTICE, "dkimcheck: domain: " . $dkim->signature->domain . ", selector: " . $dkim->signature->selector . ", result: " . $dkim->result_detail . ", policy: " . $policy_result ); return DECLINED; }