DESCRIPTIONThe Sender Signing Practices (SSP) record can be published by any domain to help a receiver know what to do when it encounters an unsigned message claiming to originate from that domain.
The record is published as a DNS TXT record at _policy._domainkey.DOMAIN where DOMAIN is the domain of the message's ``From'' address.
This record format has been superceded by ADSP. See Mail::DKIM::AuthorDomainPolicy for information about ADSP. It is implemented here because at one time it appeared this is what would be standardized by the IETF. It will be removed from Mail::DKIM at some point in the future. The last version of the SSP specification can be found at http://tools.ietf.org/html/draft-ietf-dkim-ssp-02 <http://tools.ietf.org/html/draft-ietf-dkim-ssp-02>.
fetch()Lookup a DKIM signing practices record.
my $policy = Mail::DKIM::DkimPolicy->fetch( Protocol => "dns", Author => '[email protected]', );
new()Construct a default policy object.
my $policy = Mail::DKIM::DkimPolicy->new;
apply()Apply the policy to the results of a DKIM verifier.
my $result = $policy->apply($dkim_verifier);
The caller must provide an instance of Mail::DKIM::Verifier, one which has already been fed the message being verified.
Possible results are:
- The message is approved by the sender signing policy.
- The message is rejected by the sender signing policy. It can be considered very suspicious.
- The message is neither approved nor rejected by the sender signing policy. It can be considered somewhat suspicious.
flags()Get or set the flags (t=) tag.
A colon-separated list of flags. Flag values are:
- The entity is testing signing practices, and the Verifier SHOULD NOT consider a message suspicious based on the record.
- The signing practices apply only to the named domain, and not to subdomains.
is_implied_default_policy()Is this policy implied?
my $is_implied = $policy->is_implied_default_policy;
If you fetch the policy for a particular domain, but that domain does not have a policy published, then the ``default policy'' is in effect. Use this method to detect when that happens.
location()Where the policy was fetched from.
If the policy is domain-wide, this will be domain where the policy was published.
If the policy is user-specific, TBD.
If nothing is published for the domain, and the default policy was returned instead, the location will be "undef".
policy()Get or set the outbound signing policy (dkim=) tag.
my $sp = $policy->policy;
Outbound signing policy for the entity. Possible values are:
- The default. The entity may sign some or all email.
- All mail from the entity is signed. (The DKIM signature can use any domain, not necessarily matching the From: address.)
- All mail from the entity is signed with Originator signatures. (The DKIM signature uses a domain matching the From: address.)
signall()True if policy is ``all''.
signall_strict()True if policy is ``strict''.
testing()Checks the testing flag.
my $testing = $policy->testing;
If nonzero, the testing flag is set on the signing policy, and the verify should not consider a message suspicious based on this policy.
- If a sender signing policy is not found for a given domain, the fetch() method should search the parent domains, according to section 4 of the dkim-ssp Internet Draft.
AUTHORJason Long, <[email protected]>
COPYRIGHT AND LICENSECopyright (C) 2006-2007 by Messiah College
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.