Mail-DKIM-1.20200907/0000775000175000017500000000000013725344750012164 5ustar marcmarcMail-DKIM-1.20200907/doc/0000775000175000017500000000000013725344750012731 5ustar marcmarcMail-DKIM-1.20200907/doc/common_verification_problems.txt0000644000175000017500000000067013725344750021430 0ustar marcmarcThis document will attempt to record all root causes I've seen for a "body of message has been altered" or "message has been altered" DKIM verification result. 1. Incorrect use of Mail::DKIM's PRINT() method. The implementer fed the message in as it was received over SMTP, without reversing the "dot-stuffing". So if the message contained any lines beginning with a period, the message would be signed or verified incorrectly. Mail-DKIM-1.20200907/doc/dkim_errata.txt0000644000175000017500000000326013725344750015753 0ustar marcmarcFollowing are some notes about gray areas in the RFC 4871 DKIM specification. Section 3.4.4 "relaxed" Body Canonicalization Empty bodies. Unlike the "simple" body canonicalization, which explicitly says to add a CRLF, the "relaxed" body canonicalization does not say this. The consensus at DKIM-Interop was NOT to add a CRLF for "relaxed" body canonicalization when the body is empty. Section 3.5 "i= Identity of the user or agent" In the section describing "identity", it says dkim-quoted-printable encoding is to be used, but quoted printable is not mentioned in the ABNF. The ABNF includes the "Local-part" token, which allows a quoted string with backslashes to escape certain characters. My interpretation (combining the text and my own reasoning), is that the i= tag value should be the dkim-quoted-printable encoding of: [ Local-part ] "@" domain-name So, e.g. local part domain ---------- ----------- i="meet=20joe"@example.com => "meet joe" example.com i="fine=3Bmess"@example.com => "fine;mess" example.com i="j=20s=22@example.com => "j s" example.com i=j smith @ example . com => jsmith example.com Section 3.6.1 "granularity of the key" Does "an empty g= value never matches any addresses" mean that any signature, no matter the i= value, using this key cannot be matched? The consensus at DKIM-Interop was that YES, that's what it means. It should be noted that this is an incompatible change from RFC4870-DomainKeys, where an empty g= tag in the public key is equivalent to g=*, which would match anything. Mail-DKIM-1.20200907/doc/policies.txt0000644000175000017500000000673513725344750015312 0ustar marcmarcPolicy lookup ============= With DomainKeys and DKIM you have two different ideas of sender signing policies. Luckily, they are published at slightly different locations in DNS, so it might work to have them complement each other. This text file is just a place to dump some ideas about this. Here is a description of the two different sender signing policies: * rfc4870(historical) - the DomainKeys policy - this policy addresses emails in which the sender's domain appears in the "Sender" header (or the "From" header if no Sender). As such, it could be useful for mailing lists (which break the author's signature but add a Sender header to indicate where it's coming from) or third party mailers (which cannot sign for the From address but can add a Sender address). The downside is that most MUAs don't show the Sender header, so recipients still think the message is coming from whatever address is in the From header. * draft-allman-dkim-ssp - the work-in-progress IETF DKIM policy - this policy addresses the "From" address only. This would be useful for domains with low tolerances for forgeries. They could ensure that whenever their domain appears in the From field, DKIM-SSP-aware agents can throw away forgeries. The downside is mailing lists and third-parties can't really use it, and users of those critical domains can't participate in mailing lists or use third-party mailers. Example A --------- From: Jason Sender: Bad guy In this case, bigbank.com wants to provide a way for recipients to recognize forgories or altered messages coming from their domain. They publish a draft-allman-dkim-ssp policy record in their DNS bigbank.com. DKIMP "p=strict" With such a policy, bigbank.com's users cannot send mail through mungling mailing lists, or through their other ISPs mail servers. In the first case, the signature would become invalid. In the second case, the message won't have a signature. In both cases, the policy for bigbank.com says to reject the message. Example B --------- From: Jason Sender: My list In this example, messiah.edu allows their users to send messages through mailing lists, so it has no need for a p=strict policy like example A. However, this means messages can be trivially forged. But maybe they could use a rfc4870(historical) policy to indicate that whenever the "sender" of the message is a messiah.edu address, the message will contain a messiah.edu signature. So... _domainkey.messiah.edu. TXT "o=-" When this message comes through, it is allowed despite not having a valid messiah.edu signature because the message itself doesn't claim to have come from messiah.edu (although some recipients may not know this because their MUA doesn't show it). But if the only originator address found in the message was jlong@messiah.edu, the above policy would require a valid messiah.edu signature. Example C --------- From: George Sender: Discuss This time I'm interested in the perspective of the Listserv operator. The Listserv operator wants to ensure that messages going out to the list have a listserv.messiah.edu signature, and wants to communicate to recipients that unsigned messages claiming to be from the list are forgories. Once again, a rfc4870(historical) policy seems the most useful: _domainkey.listserv.messiah.edu. TXT "o=-" Mail-DKIM-1.20200907/doc/dk_headers.txt0000644000175000017500000000117213725344750015562 0ustar marcmarch=a:a:b:c:b:d A: 1 A: 2 B: 3 C: 4 B: 5 D: 6 h=a:a:b:c:b:d C: 4 D: 6 B: 3 B: 5 A: 0 A: 1 A: 2 When RFC4870 signing with an h= tag, a signer MUST include all headers presented to the signing algorithm, in the order they were presented the signing algorithm. a signer, when encountering multiple-occuring headers, MAY list those header names more than once -- I conclude from this that signers SHOULD reorder the headers so that multiple-occuring headers occur together. -- a verifier, if a header is listed only once in h=, but there are multiple of those headers available, MUST play back those multiple headers together. Mail-DKIM-1.20200907/doc/qp1.txt0000644000175000017500000000140213725344750014166 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to: subject:date:message-id; q=dns/txt; s=test3; i= =6Along@messiah.edu; bh=a1tsxn+Nkk390KsMynntsb/bycM=; b=fYt1qVZc kYrGQupWYUxDX1byTfuQt8sAPPMVUPsN/Ha552XI1x+2ufltDLTmnFyRjc3xlgqV kMGzoeDCD4Z/jw== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (i= with quoted printable, and g= check) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/doc/async_dns.txt0000644000175000017500000000224613725344750015455 0ustar marcmarcStrategies for Asynchronous DNS ------------------------------- Principles 1. As soon as we can tell what to query, initiate the query. 2. Design things so that the results of the query aren't needed until later in the process. Three different strategies? A. Have the query_async() call return a token that can be used by a later function to get the actual result of the query. The "token" can actually be a subroutine that when called, produces the result of the query. B. Have the query_async() call not return anything, but the result will be cached so a later call can get the result of the query by passing in the same query parameters. C. Have the query_async() call take an extra parameter, a reference to a callback function... i.e. a function that will be called whenever the query finishes, with the result of the query. I think I prefer strategy A to B; it's more standard of a practice. One trick about A is knowing where to store the "token". I'm not sure yet about A vs C. C fits in more naturally with coroutines and continuations. Might make the code more simple, but I need another function that will block until the query is finished. Mail-DKIM-1.20200907/LICENSE0000644000175000017500000004366013725344750013200 0ustar marcmarcThis software is copyright (c) 2020 by Marc Bradshaw. This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself. Terms of the Perl programming language system itself a) the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version, or b) the "Artistic License" --- The GNU General Public License, Version 1, February 1989 --- This software is Copyright (c) 2020 by Marc Bradshaw. This is free software, licensed under: The GNU General Public License, Version 1, February 1989 GNU GENERAL PUBLIC LICENSE Version 1, February 1989 Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Appendix: How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) 19yy This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice That's all there is to it! --- The Artistic License 1.0 --- This software is Copyright (c) 2020 by Marc Bradshaw. This is free software, licensed under: The Artistic License 1.0 The Artistic License Preamble The intent of this document is to state the conditions under which a Package may be copied, such that the Copyright Holder maintains some semblance of artistic control over the development of the package, while giving the users of the package the right to use and distribute the Package in a more-or-less customary fashion, plus the right to make reasonable modifications. Definitions: - "Package" refers to the collection of files distributed by the Copyright Holder, and derivatives of that collection of files created through textual modification. - "Standard Version" refers to such a Package if it has not been modified, or has been modified in accordance with the wishes of the Copyright Holder. - "Copyright Holder" is whoever is named in the copyright or copyrights for the package. - "You" is you, if you're thinking about copying or distributing this Package. - "Reasonable copying fee" is whatever you can justify on the basis of media cost, duplication charges, time of people involved, and so on. (You will not be required to justify it to the Copyright Holder, but only to the computing community at large as a market that must bear the fee.) - "Freely Available" means that no fee is charged for the item itself, though there may be fees involved in handling the item. It also means that recipients of the item may redistribute it under the same conditions they received it. 1. You may make and give away verbatim copies of the source form of the Standard Version of this Package without restriction, provided that you duplicate all of the original copyright notices and associated disclaimers. 2. You may apply bug fixes, portability fixes and other modifications derived from the Public Domain or from the Copyright Holder. A Package modified in such a way shall still be considered the Standard Version. 3. You may otherwise modify your copy of this Package in any way, provided that you insert a prominent notice in each changed file stating how and when you changed that file, and provided that you do at least ONE of the following: a) place your modifications in the Public Domain or otherwise make them Freely Available, such as by posting said modifications to Usenet or an equivalent medium, or placing the modifications on a major archive site such as ftp.uu.net, or by allowing the Copyright Holder to include your modifications in the Standard Version of the Package. b) use the modified Package only within your corporation or organization. c) rename any non-standard executables so the names do not conflict with standard executables, which must also be provided, and provide a separate manual page for each non-standard executable that clearly documents how it differs from the Standard Version. d) make other distribution arrangements with the Copyright Holder. 4. You may distribute the programs of this Package in object code or executable form, provided that you do at least ONE of the following: a) distribute a Standard Version of the executables and library files, together with instructions (in the manual page or equivalent) on where to get the Standard Version. b) accompany the distribution with the machine-readable source of the Package with your modifications. c) accompany any non-standard executables with their corresponding Standard Version executables, giving the non-standard executables non-standard names, and clearly documenting the differences in manual pages (or equivalent), together with instructions on where to get the Standard Version. d) make other distribution arrangements with the Copyright Holder. 5. You may charge a reasonable copying fee for any distribution of this Package. You may charge any fee you choose for support of this Package. You may not charge a fee for this Package itself. However, you may distribute this Package in aggregate with other (possibly commercial) programs as part of a larger (possibly commercial) software distribution provided that you do not advertise this Package as a product of your own. 6. The scripts and library files supplied as input to or produced as output from the programs of this Package do not automatically fall under the copyright of this Package, but belong to whomever generated them, and may be sold commercially, and may be aggregated with this Package. 7. C or perl subroutines supplied by you and linked into this Package shall not be considered part of this Package. 8. The name of the Copyright Holder may not be used to endorse or promote products derived from this software without specific prior written permission. 9. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. The End Mail-DKIM-1.20200907/weaver.ini0000644000175000017500000000265213725344750014161 0ustar marcmarc[@CorePrep] [-SingleEncoding] [Name] [Version] [Region / prelude] [Generic / SYNOPSIS] [Generic / DESCRIPTION] [Generic / OVERVIEW] [Collect / ATTRIBUTES] command = attr [Collect / CONSTRUCTOR] command = constructor [Collect / METHODS] command = method [Collect / FUNCTIONS] command = func [Leftovers] [Region / postlude] [GenerateSection / Authors] title = AUTHORS text = =over 4 text = text = =item * text = text = Jason Long text = text = =item * text = text = Marc Bradshaw text = text = =item * text = text = Bron Gondwana (ARC) text = text = =back [Contributors] [GenerateSection / Thanks] title = THANKS text = Work on ensuring that this module passes the ARC test suite was text = generously sponsored by Valimail (https://www.valimail.com/) [GenerateSection / Legal] title = COPYRIGHT AND LICENSE text = =over 4 text = text = =item * text = text = Copyright (C) 2013 by Messiah College text = text = =item * text = text = Copyright (C) 2010 by Jason Long text = text = =item * text = text = Copyright (C) 2017 by Standcore LLC text = text = =item * text = text = Copyright (C) 2020 by FastMail Pty Ltd text = text = =back text = text = This library is free software; you can redistribute it and/or modify text = it under the same terms as Perl itself, either Perl version 5.8.6 or, text = at your option, any later version of Perl 5 you may have available. Mail-DKIM-1.20200907/META.yml0000644000175000017500000000310713725344750013434 0ustar marcmarc--- abstract: 'Signs/verifies Internet mail with DKIM/DomainKey signatures' author: - 'Marc Bradshaw ' build_requires: Data::Dumper: '0' Net::DNS::Resolver: '0' Net::DNS::Resolver::Mock: '0' Test::More: '0' Test::RequiresInternet: '0' Test::Simple: '0' YAML::XS: '0' lib: '0' perl: '5.006' configure_requires: ExtUtils::MakeMaker: '0' dynamic_config: 0 generated_by: 'Dist::Zilla version 6.014, CPAN::Meta::Converter version 2.150010' license: perl meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: '1.4' name: Mail-DKIM requires: Carp: '0' Crypt::OpenSSL::RSA: '0' Digest::SHA: '0' MIME::Base64: '0' Mail::Address: '0' Mail::AuthenticationResults::Header::AuthServID: '0' Mail::AuthenticationResults::Parser: '0' Net::DNS: '0' base: '0' strict: '0' warnings: '0' resources: bugtracker: https://github.com/fastmail/mail-dkim/issues repository: git://github.com/fastmail/mail-dkim.git version: '1.20200907' x_contributors: - 'Aaron Thompson ' - 'Bron Gondwana ' - 'Christian Jaeger ' - 'Damien MASCRÉ ' - 'jasonlong ' - 'José Borges Ferreira ' - 'Martijn van de Streek ' - 'Martin H. Sluka ' - 'Mohammad S Anwar ' x_generated_by_perl: v5.30.1 x_serialization_backend: 'YAML::Tiny version 1.73' x_spdx_expression: 'Artistic-1.0-Perl OR GPL-1.0-or-later' Mail-DKIM-1.20200907/TODO0000644000175000017500000001031213725344750012647 0ustar marcmarcCommon: - don't "die" on PRINT or CLOSE, find better ways to report the error DKIM-Signature: - allow version tag (DONE) - accept q=dns/txt (DONE) - method to set/get "z" tag DKIM Public Key Records: - enforce t=s option (if present) - provide method for caller to get (to check the "testing" flag) Verifier: - verify multiple signatures (ietf05 6.1) (DONE) - check that From header is signed (ietf05 6.1.1) - check public key "granularity" (DONE) - handle no response from first DNS server listed in resolv.conf (currently it goes to the second server after 5 seconds, but it does this for EVERY signature, so this will badly affect overall throughput) - **minor bug**- when Debug_Canonicalization=1 on a message with multiple signatures, the canonicalized output is recorded multiple times. Probably only the first valid signature should receive the Debug_Canonicalization option - provide semi-standard mechanism to report results of verification (including what, if any, of header.from and header.sender can be trusted) - provide mechanism in the API to run the DNS lookups in parallel with other processing (e.g. the SpamAssassin plugin would want to start the DNS queries as early as possible, but continue processing other aspects of the message while waiting for the DNS queries to complete). Net::DNS::Async may be useful here. Policy: - make it possible to determine explicit vs implicit default policy (DONE) - lookup BOTH draft-allman-dkim-ssp policy AND rfc4870(historical) policy (DONE) - this will probably be: lookup allman policy, and if not found, then try rfc4870(historical) policy (REJECTED) Signer: - allow DomainKeys signatures without using a policy object - allow adding chained signatures in one pass (e.g. allow adding a DomainKeys signature, and a DKIM signature, with the new DKIM signature signing the new DomainKeys signature) (REJECTED) - allow creation of i= and x= tags (DONE) - allow creation of l=, t=, and z= tags - do header-wrapping to signature before signing (DONE) - allow signer policy to change which private key is used Testing (some of this may already be implemented): - test public key errors: - DNS timeout - SERVFAIL - syntax error in public key record - test DNS timeout for signing policy - test key records composed of fragmented TXT records - test signature options: - unspecified query type - query type of "dns/" - bad query type (DONE) - bad algorithm (DONE) - unspecified algorithm - bad canonicalization - unspecified canonicalization - test presence of version tag in signature - IMPORTANT- allow `make test' to work when DNS is not available - test various components of verifying, so better diagnostics can be made when the verify.t script reports a bunch of unexplained failures - test absense of h= tag in DKIM signature - test use of non-ASCII characters in header names and h= tag Possible issues in base-10 draft: - 6.1.2 - check g= tag of public key against i= tag of signature (DONE) - 6.1.2 - check h= tag of public key against a= tag of signature (DONE) - 3.5 - t= tag, create it when signing messages, check it when verifying - 3.5 - x= tag, create it when signing messages - check it when verifying (DONE) - 5.4 - allow better control of which headers to sign - 5.5 - recommended headers to sign and NOT to sign (DONE) - 3.3.1 - what's an RSA exponent? - 6.1.1 - configurable list of unacceptable signing domains, e.g. "com" and "co.uk" Possible issues in RFC 4871: - 3.6.1 - g= should be case-sensitive (see 3.2 "tag values must be processed as case sensitive unless...", and 3.6.1, "g=", which does NOT mention case-sensitivity) - 3.6.1 - g= tag using irregular characters - 3.5 - i= tag, should allow quoted-printable encoding - 3.5 - i= tag, internationalized domains? - 3.5 - l= tag, what happens if the number is REALLY big, or doesn't contain a number? - 3.5 - q= tag, should skip signature if subtype is not "txt" (I think I do this, but do other verifiers?) - rationale- if a dns/foo type comes out, then it will be WRONG to lookup the txt record - 3.2 - "if a tag name does occur more than once, the entire tag-list is invalid" Mail-DKIM-1.20200907/README.md0000644000175000017500000000422613725344750013445 0ustar marcmarcMail-DKIM ========= [![Build Status](https://travis-ci.org/marcbradshaw/mail-dkim.svg?branch=master)](https://travis-ci.org/marcbradshaw/mail-dkim) Mail-DKIM ========= This module implements the various components of the DKIM, ARC, and DomainKeys message-signing and verifying standards for Internet mail. It currently tries to implement these specifications: * RFC4871, for DKIM * RFC4870, for DomainKeys * https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-06, for ARC With each release, this module is getting bigger, but don't worry, most of the growth is from having more things to test with `make test'. INSTALLATION To install this module type the following: perl Makefile.PL make make test make install DEPENDENCIES This module requires these other modules and libraries: Crypt::OpenSSL::RSA Digest::SHA Mail::Address (part of the MailTools package) MIME::Base64 Net::DNS USAGE Decide whether you want to "sign" or "verify" messages. To sign, see the Mail::DKIM::Signer module. To verify, see the Mail::DKIM::Verifier module. If you want to sign or verify ARC headers (https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-06) then look at Mail::DKIM::ARC::Signer and Mail::DKIM::ARC::Verifier BUGS Some details of the specification are not completely implemented. See the TODO file for a list of things I know about. Please report bugs to the [CPAN RT](https://rt.cpan.org/Public/Dist/Display.html?Name=Mail-DKIM) or [github issue tracker](https://github.com/fastmail/mail-dkim/issues). If `make test' fails, please include the versions of your installed Crypt::OpenSSL::RSA module and OpenSSL libraries. COPYRIGHT AND LICENCE Copyright (C) 2010 by Jason Long Copyright (C) 2006-2009 by Messiah College Copyright (C) 2017 FastMail Pty Ltd. Copyright (C) 2017 by Standcore LLC This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. SEE ALSO The DKIM proxy home page, http://dkimproxy.sourceforge.net/ SourceForge SVN Repo, svn://svn.code.sf.net/p/dkimproxy/code/Mail-DKIM/trunk Mail-DKIM-1.20200907/lib/0000775000175000017500000000000013725344750012732 5ustar marcmarcMail-DKIM-1.20200907/lib/Mail/0000775000175000017500000000000013725344750013614 5ustar marcmarcMail-DKIM-1.20200907/lib/Mail/DKIM.pm0000644000175000017500000000752213725344750014702 0ustar marcmarcpackage Mail::DKIM; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: Signs/verifies Internet mail with DKIM/DomainKey signatures #require 5.010; our $SORTTAGS = 0; 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM - Signs/verifies Internet mail with DKIM/DomainKey signatures =head1 VERSION version 1.20200907 =head1 SYNOPSIS # verify a message use Mail::DKIM::Verifier; # create a verifier object my $dkim = Mail::DKIM::Verifier->new(); # read an email from stdin, pass it into the verifier while () { # remove local line terminators chomp; s/\015$//; # use SMTP line terminators $dkim->PRINT("$_\015\012"); } $dkim->CLOSE; # what is the result of the verify? my $result = $dkim->result; =head1 DESCRIPTION This module implements the various components of the DKIM and DomainKeys message-signing and verifying standards for Internet mail. It currently tries to implement these specifications: =over =item RFC4871, for DKIM =item RFC4870, for DomainKeys =item draft-ietf-dmarc-arc-protocol-06, for ARC =back The module uses an object-oriented interface. You use one of two different classes, depending on whether you are signing or verifying a message. To sign, use the L class. To verify, use the L class. Simple, eh? Likewise for ARC, use the ARC modules L and L If you're sending to test libraries which expect the tags in headers to be sorted, you can set $Mail::DKIM::SORTTAGS to a true value, and all created headers will get sorted keys =head1 SEE ALSO L, L L, L http://dkimproxy.sourceforge.net/ https://github.com/fastmail/authentication_milter =head1 KNOWN BUGS Problems passing `make test' seem to usually point at a faulty DNS configuration on your machine, or something weird about your OpenSSL libraries. The "author signing policy" component is still under construction. The author signing policy is supposed to identify the practice of the message author, so you could for example reject a message from an author who claims they always sign their messages. See L. Please report bugs to the CPAN RT, or github issue tracker. https://rt.cpan.org/Public/Dist/Display.html?Name=Mail-DKIM https://github.com/fastmail/mail-dkim/issues =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 CONTRIBUTORS =for stopwords Aaron Thompson Bron Gondwana Christian Jaeger Damien MASCRÉ jasonlong José Borges Ferreira Martijn van de Streek Martin H. Sluka Mohammad S Anwar =over 4 =item * Aaron Thompson =item * Bron Gondwana =item * Christian Jaeger =item * Damien MASCRÉ =item * jasonlong =item * José Borges Ferreira =item * Martijn van de Streek =item * Martin H. Sluka =item * Mohammad S Anwar =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/0000775000175000017500000000000013725344750014340 5ustar marcmarcMail-DKIM-1.20200907/lib/Mail/DKIM/MessageParser.pm0000644000175000017500000000770413725344750017445 0ustar marcmarcpackage Mail::DKIM::MessageParser; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: Signs/verifies Internet mail with DKIM/DomainKey signatures # Copyright 2005 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Carp; sub new_object { my $class = shift; return $class->TIEHANDLE(@_); } sub new_handle { my $class = shift; local *TMP; tie *TMP, $class, @_; return *TMP; } sub TIEHANDLE { my $class = shift; my %args = @_; my $self = bless \%args, $class; $self->init; return $self; } sub init { my $self = shift; my $buf = ''; $self->{buf_ref} = \$buf; $self->{in_header} = 1; } sub PRINT { my $self = shift; my $buf_ref = $self->{buf_ref}; $$buf_ref .= @_ == 1 ? $_[0] : join( '', @_ ) if @_; if ( $self->{in_header} ) { local $1; # avoid polluting a global $1 while ( $$buf_ref ne '' ) { if ( substr( $$buf_ref, 0, 2 ) eq "\015\012" ) { substr( $$buf_ref, 0, 2 ) = ''; $self->finish_header(); $self->{in_header} = 0; last; } if ( $$buf_ref !~ /^(.+?\015\012)[^\ \t]/s ) { last; } my $header = $1; $self->add_header($header); substr( $$buf_ref, 0, length($header) ) = ''; } } if ( !$self->{in_header} ) { my $j = rindex( $$buf_ref, "\015\012" ); if ( $j >= 0 ) { # avoid copying a large buffer: the unterminated # last line is typically short compared to the rest my $carry = substr( $$buf_ref, $j + 2 ); substr( $$buf_ref, $j + 2 ) = ''; # shrink to last CRLF $self->add_body($$buf_ref); # must end on CRLF $$buf_ref = $carry; # restore unterminated last line } } return 1; } sub CLOSE { my $self = shift; my $buf_ref = $self->{buf_ref}; if ( $self->{in_header} ) { if ( $$buf_ref ne '' ) { # A line of header text ending CRLF would not have been # processed yet since before we couldn't tell if it was # the complete header. Now that we're in CLOSE, we can # finish the header... $$buf_ref =~ s/\015\012\z//s; $self->add_header("$$buf_ref\015\012"); } $self->finish_header; $self->{in_header} = 0; } else { if ( $$buf_ref ne '' ) { $self->add_body($$buf_ref); } } $$buf_ref = ''; $self->finish_body; return 1; } sub add_header { die 'add_header not implemented'; } sub finish_header { die 'finish_header not implemented'; } sub add_body { die 'add_body not implemented'; } sub finish_body { # do nothing by default } sub reset { carp 'reset not implemented'; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::MessageParser - Signs/verifies Internet mail with DKIM/DomainKey signatures =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/PrivateKey.pm0000644000175000017500000001127413725344750016764 0ustar marcmarcpackage Mail::DKIM::PrivateKey; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: a private key loaded in memory for DKIM signing # Copyright 2005-2007 Messiah College. All rights reserved. # Jason Long # # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Key'; use Carp; *calculate_EM = \&Mail::DKIM::Key::calculate_EM; sub load { my $class = shift; my %prms = @_; my $self = bless {}, $class; $self->{'TYPE'} = ( $prms{'Type'} or 'rsa' ); if ( $prms{'Data'} ) { $self->{'DATA'} = $prms{'Data'}; } elsif ( defined $prms{'File'} ) { my @data; open my $file, '<', $prms{'File'} or die "Error: cannot read $prms{File}: $!\n"; while ( my $line = <$file> ) { chomp $line; next if $line =~ /^---/; push @data, $line; } $self->{'DATA'} = join '', @data; close $file; } elsif ( $prms{'Cork'} ) { $self->{'CORK'} = $prms{'Cork'}; } else { croak 'missing required argument'; } return $self; } sub convert { use Crypt::OpenSSL::RSA; my $self = shift; $self->data or return; # have to PKCS1ify the privkey because openssl is too finicky... my $pkcs = "-----BEGIN RSA PRIVATE KEY-----\n"; for ( my $i = 0 ; $i < length $self->data ; $i += 64 ) { $pkcs .= substr $self->data, $i, 64; $pkcs .= "\n"; } $pkcs .= "-----END RSA PRIVATE KEY-----\n"; my $cork; eval { local $SIG{__DIE__}; $cork = new_private_key Crypt::OpenSSL::RSA($pkcs); 1 } || do { $self->errorstr($@); return; }; $cork or return; # segfaults on my machine # $cork->check_key or # return; $self->cork($cork); return 1; } #deprecated sub sign { my $self = shift; my $mail = shift; return $self->cork->sign($mail); } #deprecated- use sign_digest() instead sub sign_sha1_digest { my $self = shift; my ($digest) = @_; return $self->sign_digest( 'SHA-1', $digest ); } sub sign_digest { my $self = shift; my ( $digest_algorithm, $digest ) = @_; my $rsa_priv = $self->cork; $rsa_priv->use_no_padding; my $k = $rsa_priv->size; my $EM = calculate_EM( $digest_algorithm, $digest, $k ); return $rsa_priv->decrypt($EM); } __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::PrivateKey - a private key loaded in memory for DKIM signing =head1 VERSION version 1.20200907 =head1 SYNOPSIS my $key1 = Mail::DKIM::PrivateKey->load( File => '/path/to/private.key'); my $key2 = Mail::DKIM::PrivateKey->load( Data => $base64); # use the loaded key in a DKIM signing object my $dkim = Mail::DKIM::Signer->new( Key => $key2, ); =head1 CONSTRUCTOR =head2 load() - loads a private key into memory my $key1 = Mail::DKIM::PrivateKey->load( File => '/path/to/private.key'); Loads the Base64-encoded key from the specified file. my $key2 = Mail::DKIM::PrivateKey->load(Data => $base64); Loads the Base64-encoded key from a string already in memory. my $key3 = Mail::DKIM::PrivateKey->load(Cork => $openssl_object); Creates a Mail::DKIM::PrivateKey wrapper object for the given OpenSSL key object. The key object should be of type L. =head1 METHODS =head2 cork() - access the underlying OpenSSL key object $openssl_object = $key->cork; The returned object is of type L. =head2 sign_digest() Cryptographically sign the given message digest. $key->sign_digest('SHA-1', sha1('my message text')); The first parameter is the name of the digest: one of "SHA-1", "SHA-256". The second parameter is the message digest as a binary string. The result should be the signed digest as a binary string. 1; =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Common.pm0000644000175000017500000001156213725344750016131 0ustar marcmarcpackage Mail::DKIM::Common; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: Common class for Mail::DKIM # Copyright 2005-2007 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::Address; use base 'Mail::DKIM::MessageParser'; use Carp; sub new { my $class = shift; return $class->new_object(@_); } sub add_header { my $self = shift; my ($line) = @_; foreach my $algorithm ( @{ $self->{algorithms} } ) { $algorithm->add_header($line); } if ( $line =~ /^([^:]+?)\s*:(.*)/s ) { my $field_name = lc $1; my $contents = $2; $self->handle_header( $field_name, $contents, $line ); } push @{ $self->{headers} }, $line; } sub add_body { my $self = shift; if ( $self->{algorithm} ) { $self->{algorithm}->add_body(@_); } foreach my $algorithm ( @{ $self->{algorithms} } ) { $algorithm->add_body(@_); } } sub handle_header { my $self = shift; my ( $field_name, $contents, $line ) = @_; push @{ $self->{header_field_names} }, $field_name; # TODO - detect multiple occurrences of From: or Sender: # header and reject them $self->{headers_by_name}->{$field_name} = $contents; } sub init { my $self = shift; $self->SUPER::init(@_); #initialize variables $self->{headers} = []; $self->{headers_by_name} = {}; $self->{header_field_names} = []; } sub load { my $self = shift; my ($fh) = @_; while (<$fh>) { $self->PRINT($_); } $self->CLOSE; } sub message_attributes { my $self = shift; my @attributes; if ( my $message_id = $self->message_id ) { push @attributes, "message-id=<$message_id>"; } if ( my $sig = $self->signature ) { push @attributes, 'signer=<' . $sig->identity . '>'; } if ( $self->{headers_by_name}->{sender} ) { my @list = Mail::Address->parse( $self->{headers_by_name}->{sender} ); if ( $list[0] ) { push @attributes, 'sender=<' . $list[0]->address . '>'; } } elsif ( $self->{headers_by_name}->{from} ) { my @list = Mail::Address->parse( $self->{headers_by_name}->{from} ); if ( $list[0] ) { push @attributes, 'from=<' . $list[0]->address . '>'; } } return @attributes; } sub message_id { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); if ( my $message_id = $self->{headers_by_name}->{'message-id'} ) { if ( $message_id =~ /^\s*<(.*)>\s*$/ ) { return $1; } } return undef; } sub message_originator { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); if ( $self->{headers_by_name}->{from} ) { my @list = Mail::Address->parse( $self->{headers_by_name}->{from} ); return $list[0] if @list; } return Mail::Address->new; } sub message_sender { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); if ( $self->{headers_by_name}->{sender} ) { my @list = Mail::Address->parse( $self->{headers_by_name}->{sender} ); return $list[0] if @list; } if ( $self->{headers_by_name}->{from} ) { my @list = Mail::Address->parse( $self->{headers_by_name}->{from} ); return $list[0] if @list; } return Mail::Address->new; } sub result { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); return $self->{result}; } sub result_detail { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); if ( $self->{details} ) { return $self->{result} . ' (' . $self->{details} . ')'; } return $self->{result}; } sub signature { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); return $self->{signature}; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Common - Common class for Mail::DKIM =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/TextWrap.pm0000644000175000017500000002116313725344750016455 0ustar marcmarcpackage Mail::DKIM::TextWrap; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: text wrapping module written for use with DKIM use Carp; sub new { my $class = shift; my %args = @_; my $self = { Margin => 72, Break => qr/\s/, BreakBefore => undef, Swallow => qr/\s/, Separator => "\n", cur => 0, may_break => 0, soft_space => "", word => "", %args, }; $self->{Output} ||= \*STDOUT; return bless $self, $class; } # Internal properties: # # cur - the last known column position # # may_break - nonzero if the current location allows a linebreak # # soft_space - contains added text that will not be printed if a linebreak # occurs # # word - contains the current word # Internal methods: # # _calculate_new_column() - determine where cur would be after adding some text # # my $new_cur = _calculate_new_column($cur, "some additional\ntext"); # sub _calculate_new_column { my ( $cur, $text ) = @_; confess "invalid argument" unless defined($text); while ( $text =~ /^(.*?)([\n\r\t])(.*)$/s ) { $cur += length($1); if ( $2 eq "\t" ) { $cur = ( int( $cur / 8 ) + 1 ) * 8; } else { $cur = 0; } $text = $3; } $cur += length($text); return $cur; } sub add { my ( $self, $text ) = @_; my $break_after = $self->{Break}; my $break_before = $self->{BreakBefore}; my $swallow = $self->{Swallow}; $self->{word} .= $text; while ( length $self->{word} ) { my $word; if ( defined($break_before) and $self->{word} =~ s/^(.+?)($break_before)/$2/s ) { # note- $1 should have at least one character $word = $1; } elsif ( defined($break_after) and $self->{word} =~ s/^(.*?)($break_after)//s ) { $word = $1 . $2; } elsif ( $self->{NoBuffering} ) { $word = $self->{word}; $self->{word} = ""; } else { last; } die "assertion failed" unless length($word) >= 1; my $next_soft_space; if ( defined($swallow) && $word =~ s/($swallow)$//s ) { $next_soft_space = $1; } else { $next_soft_space = ""; } my $to_print = $self->{soft_space} . $word; my $new_pos = _calculate_new_column( $self->{cur}, $to_print ); if ( $new_pos > $self->{Margin} && $self->{may_break} ) { # what would happen if we put the separator in? my $w_sep = _calculate_new_column( $self->{cur}, $self->{Separator} ); if ( $w_sep < $self->{cur} ) { # inserting the separator gives us more room, # so do it $self->output( $self->{Separator} ); $self->{soft_space} = ""; $self->{cur} = $w_sep; $self->{word} = $word . $next_soft_space . $self->{word}; next; } } $self->output($to_print); $self->{soft_space} = $next_soft_space; $self->{cur} = $new_pos; $self->{may_break} = 1; } } sub finish { my $self = shift; $self->flush; $self->reset; } sub flush { my $self = shift; local $self->{NoBuffering} = 1; local $self->{Swallow} = undef; $self->add(""); } sub output { my $self = shift; my $to_print = shift; my $out = $self->{Output}; if ( UNIVERSAL::isa( $out, "GLOB" ) ) { print $out $to_print; } elsif ( UNIVERSAL::isa( $out, "SCALAR" ) ) { $$out .= $to_print; } } sub reset { my $self = shift; $self->{cur} = 0; $self->{soft_space} = ""; $self->{word} = ""; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::TextWrap - text wrapping module written for use with DKIM =head1 VERSION version 1.20200907 =head1 DESCRIPTION This is a general-purpose text-wrapping module that I wrote because I had some specific needs with Mail::DKIM that none of the contemporary text-wrapping modules offered. Specifically, it offers the ability to change wrapping options in the middle of a paragraph. For instance, with a DKIM signature: DKIM-Signature: a=rsa; c=simple; h=first:second:third:fourth; b=Xr2mo2wmb1LZBwmEJElIPezal7wQQkRQ8WZtxpofkNmXTjXf8y2f0 the line-breaks can be inserted next to any of the colons of the h= tag, or any character of the b= tag. The way I implemented this was to serialize the signature one element at a time, changing the text-wrapping options at the start and end of each tag. =head1 SYNOPSIS (FOR MAIL::DKIM USERS) use Mail::DKIM::TextWrap; Just add the above line to any program that uses L and your signatures will automatically be wrapped to 72 characters. =head1 SYNOPSIS (FOR OTHER USERS) my $output = ""; my $tw = Mail::DKIM::TextWrap->new( Margin => 10, Output => \$output, ); $tw->add("Mary had a little lamb, whose fleece was white as snow.\n"); $tw->finish; print $output; =head1 TEXT WRAPPING OPTIONS Text wrapping options can be specified when calling new(), or by simply changing the property as needed. For example, to change the number of characters allowed per line: $tw->{Margin} = 20; =over =item Break a regular expression matching characters where a line break can be inserted. Line breaks are inserted AFTER a matching substring. The default is C. =item BreakBefore a regular expression matching characters where a line break can be inserted. Line breaks are inserted BEFORE a matching substring. Usually, you want to use Break, rather than BreakBefore. The default is C. =item Margin specifies how many characters to allow per line. The default is 72. If no place to line-break is found on a line, the line will extend beyond this margin. =item Separator the text to insert when a linebreak is needed. The default is "\n". If you want to set a following-line indent (e.g. all lines but the first begin with four spaces), use something like "\n ". =item Swallow a regular expression matching characters that can be omitted when a line break occurs. For example, if you insert a line break between two words, then you are replacing a "space" with the line break, so you are omitting the space. On the other hand, if you insert a line break between two parts of a hyphenated word, then you are breaking at the hyphen, but you still want to display the hyphen. The default is C. =back =head1 CONSTRUCTOR =head2 new() - create a new text-wrapping object my $tw = Mail::DKIM::TextWrap->new( Output => \$output, %wrapping_options, ); The text-wrapping object encapsulates the current options and the current state of the text stream. In addition to specifying text wrapping options as described in the section above, the following options are recognized: =over =item Output a scalar reference, or a glob reference, to specify where the "wrapped" text gets output to. If not specified, the default of STDOUT is used. =back =head1 METHODS =head2 add() - process some text that can be wrapped $tw->add("Mary had a little lamb.\n"); You can add() all the text at once, or add() the text in parts by calling add() multiple times. =head2 finish() - call when no more text is to be added $tw->finish; Call this when finished adding text, so that any remaining text in TextWrap's buffers will be output. =head2 flush() - output the current partial word, if any $tw->flush; Call this whenever changing TextWrap's parameters in the middle of a string of words. It explicitly allows a line-break at the current position in the string, regardless of whether it matches the current break pattern. =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/DkPolicy.pm0000644000175000017500000001672613725344750016426 0ustar marcmarcpackage Mail::DKIM::DkPolicy; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: represents a DomainKeys Sender Signing Policy record # Copyright 2005-2009 Messiah College. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Policy'; use Mail::DKIM::DNS; # get_lookup_name() - determine name of record to fetch # sub get_lookup_name { my $self = shift; my ($prms) = @_; # in DomainKeys, the record to fetch is determined based on the # Sender header, then the From header if ( $prms->{Author} && !$prms->{Sender} ) { $prms->{Sender} = $prms->{Author}; } if ( $prms->{Sender} && !$prms->{Domain} ) { # pick domain from email address $prms->{Domain} = ( $prms->{Sender} =~ /\@([^@]*)$/ and $1 ); } unless ( $prms->{Domain} ) { die "no domain to fetch policy for\n"; } # IETF seems poised to create policy records this way #my $host = '_policy._domainkey.' . $prms{Domain}; # but Yahoo! policy records are still much more common # see historic RFC4870, section 3.6 return '_domainkey.' . $prms->{Domain}; } sub new { my $class = shift; return $class->parse( String => 'o=~' ); } #undocumented private class method our $DEFAULT_POLICY; sub default { my $class = shift; $DEFAULT_POLICY ||= $class->new; return $DEFAULT_POLICY; } sub apply { my $self = shift; my ($dkim) = @_; my $first_party; foreach my $signature ( $dkim->signatures ) { next if $signature->result ne 'pass'; my $oa = $dkim->message_sender->address; if ( $signature->identity_matches($oa) ) { # found a first party signature $first_party = 1; last; } } return 'accept' if $first_party; return 'reject' if ( $self->signall && !$self->testing ); return 'neutral'; } sub flags { my $self = shift; (@_) and $self->{tags}->{t} = shift; $self->{tags}->{t}; } sub is_implied_default_policy { my $self = shift; my $default_policy = ref($self)->default; return ( $self == $default_policy ); } sub name { return 'sender'; } sub note { my $self = shift; (@_) and $self->{tags}->{n} = shift; $self->{tags}->{n}; } sub policy { my $self = shift; (@_) and $self->{tags}->{o} = shift; if ( defined $self->{tags}->{o} ) { return $self->{tags}->{o}; } else { return '~'; # the default } } sub signall { my $self = shift; return ( $self->policy && $self->policy eq '-' ); } sub signsome { my $self = shift; $self->policy or return 1; $self->policy eq '~' and return 1; return; } sub testing { my $self = shift; my $t = $self->flags; ( $t && $t =~ /y/i ) and return 1; return; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::DkPolicy - represents a DomainKeys Sender Signing Policy record =head1 VERSION version 1.20200907 =head1 DESCRIPTION DomainKeys sender signing policies are described in RFC4870(historical). It is a record published in the message sender's (i.e. the person who transmitted the message) DNS that describes how they sign messages. =head1 CONSTRUCTORS =head2 fetch() - fetch a sender signing policy from DNS my $policy = Mail::DKIM::DkPolicy->fetch( Protocol => 'dns', Sender => 'joe@example.org', ); The following named arguments are accepted: =over =item Protocol always specify "dns" =item Author the "author" of the message for which policy is being checked. This is the first email address in the "From" header. According to RFC 2822, section 3.6.2, the "From" header lists who is responsible for writing the message. =item Sender the "sender" of the message for which policy is being checked. This is the first email address in the "Sender" header, or if there is not a "Sender" header, the "From" header. According to RFC 2822, section 3.6.2, the "Sender" header lists who is responsible for transmitting the message. =back Depending on what type of policy is being checked, both the Sender and Author fields may need to be specified. If a DNS error or timeout occurs, an exception is thrown. Otherwise, a policy object of some sort will be returned. If no policy is actually published, then the "default policy" will be returned. To check when this happens, use my $is_default = $policy->is_implied_default_policy; =head2 new() - construct a default policy object my $policy = Mail::DKIM::DkPolicy->new; =head2 parse() - gets a policy object by parsing a string my $policy = Mail::DKIM::DkPolicy->parse( String => 'o=~; t=y' ); =head1 METHODS =head2 apply() - apply the policy to the results of a DKIM verifier my $result = $policy->apply($dkim_verifier); The caller must provide an instance of L, one which has already been fed the message being verified. Possible results are: =over =item accept The message is approved by the sender signing policy. =item reject The message is rejected by the sender signing policy. =item neutral The message is neither approved nor rejected by the sender signing policy. It can be considered suspicious. =back =head2 flags() - get or set the flags (t=) tag A vertical-bar separated list of flags. =head2 is_implied_default_policy() - is this policy implied? my $is_implied = $policy->is_implied_default_policy; If you fetch the policy for a particular domain, but that domain does not have a policy published, then the "default policy" is in effect. Use this method to detect when that happens. =head2 location() - where the policy was fetched from DomainKeys policies only have per-domain policies, so this will be the domain where the policy was published. If nothing is published for the domain, and the default policy was returned instead, the location will be C. =head2 note() - get or set the human readable notes (n=) tag Human readable notes regarding the record. Undef if no notes specified. =head2 policy() - get or set the outbound signing policy (o=) tag my $sp = $policy->policy; Outbound signing policy for the entity. Possible values are: =over =item C<~> The default. The domain may sign some (but not all) email. =item C<-> The domain signs all email. =back =head2 signall() - true if policy is /-" =head2 testing() - checks the testing flag my $testing = $policy->testing; If nonzero, the testing flag is set on the signing policy, and the verify should not consider a message suspicious based on this policy. =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/ARC/0000775000175000017500000000000013725344750014745 5ustar marcmarcMail-DKIM-1.20200907/lib/Mail/DKIM/ARC/MessageSignature.pm0000644000175000017500000000730413725344750020553 0ustar marcmarcpackage Mail::DKIM::ARC::MessageSignature; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: Subclass of Mail::DKIM::Signature which represents a ARC-Message-Signature header # Copyright 2017 FastMail Pty Ltd. All Rights Reserved. # Bron Gondwana # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Signature'; use Carp; sub new { my $class = shift; my %prms = @_; my $self = {}; bless $self, $class; $self->instance( $prms{'Instance'} ) if exists $prms{'Instance'}; $self->algorithm( $prms{'Algorithm'} || 'rsa-sha256' ); $self->signature( $prms{'Signature'} ); $self->canonicalization( $prms{'Method'} ) if exists $prms{'Method'}; $self->domain( $prms{'Domain'} ); $self->headerlist( $prms{'Headers'} ); $self->protocol( $prms{'Query'} ) if exists $prms{'Query'}; $self->selector( $prms{'Selector'} ); $self->timestamp( $prms{'Timestamp'} ) if defined $prms{'Timestamp'}; $self->expiration( $prms{'Expiration'} ) if defined $prms{'Expiration'}; $self->key( $prms{'Key'} ) if defined $prms{'Key'}; return $self; } sub DEFAULT_PREFIX { return 'ARC-Message-Signature:'; } sub instance { my $self = shift; # ARC identities must be a number if (@_) { my $val = int(shift); die "INVALID instance $val" unless ( $val > 0 and $val < 1025 ); $self->set_tag( 'i', $val ); } my $i = $self->get_tag('i'); return $i; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::ARC::MessageSignature - Subclass of Mail::DKIM::Signature which represents a ARC-Message-Signature header =head1 VERSION version 1.20200907 =head1 CONSTRUCTORS =head2 new() - create a new signature from parameters my $signature = Mail::DKIM::ARC::MessageSignature->new( [ Algorithm => 'rsa-sha256', ] [ Signature => $base64, ] [ Method => 'relaxed', ] [ Domain => 'example.org', ] [ Instance => 1, ] [ Headers => 'from:subject:date:message-id', ] [ Query => 'dns', ] [ Selector => 'alpha', ] [ Timestamp => time(), ] [ Expiration => time() + 86400, ] ); The only differences between this module and Mail::DKIM::Signature are the header name, and that 'instance' is an integer rather than a base64 encoded value. =head2 instance() - get or set the signing instance (i=) field my $i = $signature->instance; Instances must be integers less than 1024 according to the spec. NOTE: the i= field is "Identity" in DKIM and is a base64 value, but in ARC it is "Instance" and an integer. The parsing routine does not check that the i= value is a number. =head1 SEE ALSO L for DKIM-Signature headers =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/ARC/Verifier.pm0000644000175000017500000006564313725344750017072 0ustar marcmarcpackage Mail::DKIM::ARC::Verifier; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: verifies an ARC-Sealed message # Copyright 2017 FastMail Pty Ltd. All Rights Reserved. # Bron Gondwana # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Common'; use Mail::DKIM::ARC::MessageSignature; use Mail::DKIM::ARC::Seal; use Mail::Address; use Carp; our $MAX_SIGNATURES_TO_PROCESS = 50; sub init { my $self = shift; $self->SUPER::init; $self->{signatures} = []; $self->{result} = undef; # we're done once this is set } # @{$arc->{signatures}} # array of L objects, representing all # parseable message signatures and seals found in the header, # ordered from the top of the header to the bottom. # # $arc->{signature_reject_reason} # simple string listing a reason, if any, for not using a signature. # This may be a helpful diagnostic if there is a signature in the header, # but was found not to be valid. It will be ambiguous if there are more # than one signatures that could not be used. # # @{$arc->{headers}} # array of strings, each member is one header, in its original format. # # $arc->{algorithms} # array of algorithms, one for each signature being verified. # # $arc->{result} # string; the result of the verification (see the result() method) # sub handle_header { my $self = shift; my ( $field_name, $contents, $line ) = @_; $self->SUPER::handle_header( $field_name, $contents ); if ( lc($field_name) eq 'arc-message-signature' ) { eval { local $SIG{__DIE__}; my $signature = Mail::DKIM::ARC::MessageSignature->parse($line); $self->add_signature($signature); 1 } || do { # the only reason an error should be thrown is if the # signature really is unparse-able # otherwise, invalid signatures are caught in finish_header() chomp( my $E = $@ ); $self->{signature_reject_reason} = $E; }; } if ( lc($field_name) eq 'arc-seal' ) { eval { local $SIG{__DIE__}; my $signature = Mail::DKIM::ARC::Seal->parse($line); $self->add_signature($signature); 1 } || do { # the only reason an error should be thrown is if the # signature really is unparse-able # otherwise, invalid signatures are caught in finish_header() chomp( my $E = $@ ); $self->{signature_reject_reason} = $E; }; } } sub add_signature { my ( $self, $signature ) = @_; croak 'wrong number of arguments' unless ( @_ == 2 ); return if $self->{result}; # already failed push @{ $self->{signatures} }, $signature; unless ( $self->check_signature($signature) ) { $signature->result( 'invalid', $self->{signature_reject_reason} ); return; } # signature looks ok, go ahead and query for the public key $signature->fetch_public_key; # create a canonicalization filter and algorithm my $algorithm_class = $signature->get_algorithm_class( $signature->algorithm ); my $algorithm = $algorithm_class->new( Signature => $signature, Debug_Canonicalization => $signature->isa('Mail::DKIM::ARC::Seal') ? $self->{AS_Canonicalization} : $self->{AMS_Canonicalization}, ); # push through the headers parsed prior to the signature header if ( $algorithm->wants_pre_signature_headers ) { # Note: this will include the signature header that led to this # "algorithm"... foreach my $head ( @{ $self->{headers} } ) { $algorithm->add_header($head); } } # save the algorithm $self->{algorithms} ||= []; push @{ $self->{algorithms} }, $algorithm; # check for bogus tags (should be done much earlier but better late than never) # tagkeys is uniq'd via a hash, rawtaglen counts all the tags my @tagkeys = keys %{ $signature->{tags_by_name} }; my $rawtaglen = $#{ $signature->{tags} }; # crock: ignore empty clause after trailing semicolon $rawtaglen-- if $signature->{tags}->[ $#{ $signature->{tags} } ]->{raw} =~ /^\s*$/; # duplicate tags if ( $rawtaglen != $#tagkeys ) { $self->{result} = 'fail'; # bogus $self->{details} = 'Duplicate tag in signature'; return; } # invalid tag name if ( grep { !m{[a-z][a-z0-9_]*}i } @tagkeys ) { $self->{result} = 'fail'; # bogus $self->{details} = 'Invalid tag in signature'; return; } if ( $signature->isa('Mail::DKIM::ARC::Seal') ) { my ($instance); $instance = $signature->instance() || ''; if ( $instance !~ m{^\d+$} or $instance < 1 or $instance > 1024 ) { $self->{result} = 'fail'; # bogus $self->{details} = sprintf "Invalid ARC-Seal instance '%s'", $instance; return; } if ( $self->{seals}[$instance] ) { $self->{result} = 'fail'; # dup if ( $signature eq $self->{seals}[$instance] ) { $self->{details} = sprintf 'Duplicate ARC-Seal %d', $instance; } else { $self->{details} = sprintf 'Redundant ARC-Seal %d', $instance; } return; } $self->{seals}[$instance] = $signature; } elsif ( $signature->isa('Mail::DKIM::ARC::MessageSignature') ) { my $instance = $signature->instance() || ''; if ( $instance !~ m{^\d+$} or $instance < 1 or $instance > 1024 ) { $self->{result} = 'fail'; # bogus $self->{details} = sprintf "Invalid ARC-Message-Signature instance '%s'", $instance; return; } if ( $self->{messages}[$instance] ) { $self->{result} = 'fail'; # dup if ( $signature->as_string() eq $self->{messages}[$instance]->as_string() ) { $self->{details} = sprintf 'Duplicate ARC-Message-Signature %d', $instance; } else { $self->{details} = sprintf 'Redundant ARC-Message-Signature %d', $instance; } return; } $self->{messages}[$instance] = $signature; } } sub check_signature { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($signature) = @_; unless ( $signature->check_version ) { # unsupported version if ( defined $signature->version ) { $self->{signature_reject_reason} = 'unsupported version ' . $signature->version; } else { $self->{signature_reject_reason} = 'missing v tag'; } return 0; } unless ( $signature->algorithm && $signature->get_algorithm_class( $signature->algorithm ) && ( !$self->{Strict} || $signature->algorithm ne 'rsa-sha1' ) ) # no more SHA1 for us in strict mode { # unsupported algorithm $self->{signature_reject_reason} = 'unsupported algorithm'; if ( defined $signature->algorithm ) { $self->{signature_reject_reason} .= ' ' . $signature->algorithm; } return 0; } unless ( $signature->check_canonicalization ) { # unsupported canonicalization method $self->{signature_reject_reason} = 'unsupported canonicalization'; if ( defined $signature->canonicalization ) { $self->{signature_reject_reason} .= ' ' . $signature->canonicalization; } return 0; } unless ( $signature->check_protocol ) { # unsupported query protocol $self->{signature_reject_reason} = !defined( $signature->protocol ) ? 'missing q tag' : 'unsupported query protocol, q=' . $signature->protocol; return 0; } unless ( $signature->check_expiration ) { # signature has expired $self->{signature_reject_reason} = 'signature is expired'; return 0; } unless ( defined $signature->domain ) { # no domain specified $self->{signature_reject_reason} = 'missing d tag'; return 0; } if ( $signature->domain eq '' ) { # blank domain $self->{signature_reject_reason} = 'invalid domain in d tag'; return 0; } unless ( defined $signature->selector ) { # no selector specified $self->{signature_reject_reason} = 'missing s tag'; return 0; } return 1; } sub check_public_key { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 2 ); my ( $signature, $public_key ) = @_; my $result = 0; eval { local $SIG{__DIE__}; $@ = undef; # HACK- I'm indecisive here about whether I want the # check_foo functions to return false or to "die" # on failure # check public key's allowed hash algorithms $result = $public_key->check_hash_algorithm( $signature->hash_algorithm ); # HACK- DomainKeys signatures are allowed to have an empty g= # tag in the public key # my $empty_g_means_wildcard = $signature->isa('Mail::DKIM::DkSignature'); # check public key's granularity $result &&= $public_key->check_granularity( $signature->domain, 0 ); # $signature->instance, $empty_g_means_wildcard); die $@ if $@; 1 } || do { my $E = $@; chomp $E; $self->{signature_reject_reason} = "public key: $E"; }; return $result; } # # called when the verifier has received the last of the message headers # (body is still to come) # sub finish_header { my $self = shift; # Signatures we found and were successfully parsed are stored in # $self->{signatures}. If none were found, our result is "none". if ( @{ $self->{signatures} } == 0 && !defined( $self->{signature_reject_reason} ) ) { $self->{result} = 'none'; return; } # check for duplicate AAR headers (dup AS and AMS checked in add_signature) my @aars = []; foreach my $hdr ( @{ $self->{headers} } ) { if ( my ($i) = $hdr =~ m{ARC-Authentication-Results:\s*i=(\d+)\s*;}i ) { if ( defined $aars[$i] ) { $self->{result} = 'fail'; $self->{details} = "Duplicate ARC-Authentication-Results header $1"; return; } $aars[$i] = $hdr; } } foreach my $algorithm ( @{ $self->{algorithms} } ) { $algorithm->finish_header( Headers => $self->{headers}, Chain => 'pass' ); } # stop processing signatures that are already known to be invalid @{ $self->{algorithms} } = grep { my $sig = $_->signature; !( $sig->result && $sig->result eq 'invalid' ); } @{ $self->{algorithms} }; if ( @{ $self->{algorithms} } == 0 && @{ $self->{signatures} } > 0 ) { $self->{result} = $self->{signatures}->[0]->result || 'invalid'; $self->{details} = $self->{signatures}->[0]->{verify_details} || $self->{signature_reject_reason}; return; } } sub _check_and_verify_signature { my $self = shift; my ($algorithm) = @_; # check signature my $signature = $algorithm->signature; if ( not $signature->get_tag('d') ) { # All sigs must have a D tag $self->{signature_reject_reason} = 'missing D tag'; return ( 'fail', $self->{signature_reject_reason} ); } if ( not $signature->get_tag('b') ) { # All sigs must have a B tag $self->{signature_reject_reason} = 'missing B tag'; return ( 'fail', $self->{signature_reject_reason} ); } if ( not $signature->isa('Mail::DKIM::ARC::Seal') ) { # AMS tests unless ( $signature->get_tag('bh') ) { # AMS must have a BH tag $self->{signature_reject_reason} = 'missing BH tag'; return ( 'fail', $self->{signature_reject_reason} ); } if ( ( $signature->get_tag('h') || '' ) =~ /arc-seal/i ) { # cannot cover AS $self->{signature_reject_reason} = 'Arc-Message-Signature covers Arc-Seal'; return ( 'fail', $self->{signature_reject_reason} ); } } # AMS signature must not # get public key my $pkey; eval { local $SIG{__DIE__}; $pkey = $signature->get_public_key; 1 } || do { my $E = $@; chomp $E; $self->{signature_reject_reason} = "public key: $E"; return ( 'invalid', $self->{signature_reject_reason} ); }; unless ( $self->check_public_key( $signature, $pkey ) ) { return ( 'invalid', $self->{signature_reject_reason} ); } # make sure key is big enough my $keysize = $pkey->cork->size * 8; # in bits if ( $keysize < 1024 && $self->{Strict} ) { $self->{signature_reject_reason} = "Key length $keysize too short"; return ( 'fail', $self->{signature_reject_reason} ); } # verify signature my $result; my $details; local $@ = undef; eval { local $SIG{__DIE__}; $result = $algorithm->verify() ? 'pass' : 'fail'; $details = $algorithm->{verification_details} || $@; 1 } || do { # see also add_signature chomp( my $E = $@ ); if ( $E =~ /(OpenSSL error: .*?) at / ) { $E = $1; } elsif ( $E =~ /^(panic:.*?) at / ) { $E = "OpenSSL $1"; } $result = 'fail'; $details = $E; }; return ( $result, $details ); } sub finish_body { my $self = shift; return if $self->{result}; # already failed foreach my $algorithm ( @{ $self->{algorithms} } ) { # finish canonicalizing $algorithm->finish_body; my ( $result, $details ) = $self->_check_and_verify_signature($algorithm); # save the results of this signature verification $algorithm->{result} = $result; $algorithm->{details} = $details; $self->{signature} ||= $algorithm->signature; # something if we fail $algorithm->signature->result( $result, $details ); } my $seals = $self->{seals} || []; my $messages = $self->{messages} || []; unless ( @$seals or @$messages ) { $self->{result} = 'none'; $self->{details} = 'no ARC headers found'; return; } # determine if it's valid: # 5.1.1.5. Determining the 'cv' Tag Value for ARC-Seal # In order for a series of ARC sets to be considered valid, the # following statements MUST be satisfied: # 1. The chain of ARC sets must have structural integrity (no sets or # set component header fields missing, no duplicates, excessive # hops (cf. Section 5.1.1.1.1), etc.); if ( $#$seals == 0 ) { $self->{result} = 'fail'; $self->{details} = 'missing ARC-Seal 1'; return; } if ( $#$messages == 0 ) { $self->{result} = 'fail'; $self->{details} = 'missing ARC-Message-Signature 1'; return; } if ( $#$messages > $#$seals ) { $self->{result} = 'fail'; $self->{details} = 'missing Arc-Seal ' . $#$messages; return; } foreach my $i ( 1 .. $#$seals ) { # XXX - we should error if it's already present, but that's done above if at all if ( !$seals->[$i] ) { $self->{result} = 'fail'; $self->{details} = "missing ARC-Seal $i"; return; } if ( !$messages->[$i] ) { $self->{result} = 'fail'; $self->{details} = "missing ARC-Message-Signature $i"; return; } } # 2. All ARC-Seal header fields MUST validate; foreach my $i ( 1 .. $#$seals ) { my $result = $seals->[$i]->result(); if ( $result ne 'pass' ) { $self->{signature} = $seals->[$i]->signature; $self->{result} = $result; $self->{details} = $seals->[$i]->result_detail(); return; } } # 3. All ARC-Seal header fields MUST have a chain value (cv=) status # of "pass" (except the first which MUST be "none"); and my $cv = $seals->[1]->get_tag('cv'); if ( !defined $cv or $cv ne 'none' ) { $self->{signature} = $seals->[1]->signature; $self->{result} = 'fail'; $self->{details} = 'first ARC-Seal must be cv=none'; return; } foreach my $i ( 2 .. $#$seals ) { my $cv = $seals->[$i]->get_tag('cv'); if ( $cv ne 'pass' ) { $self->{signature} = $seals->[$i]->signature; $self->{result} = 'fail'; $self->{details} = "wrong cv for ARC-Seal i=$i"; return; } } # 4. The newest (highest instance number (i=)) AMS header field MUST # validate. my $result = $messages->[$#$seals]->result(); if ( $result ne 'pass' ) { $self->{signature} = $messages->[$#$seals]->signature; $self->{result} = $result; $self->{details} = $messages->[$#$seals]->result_detail(); return; } # Success! $self->{signature} = $seals->[$#$seals]->signature(); $self->{result} = 'pass'; $self->{details} = $seals->[$#$seals]->result_detail(); } sub result_detail { my $self = shift; return 'none' if $self->{result} eq 'none'; my @items; foreach my $signature ( @{ $self->{signatures} } ) { my $type = ref($signature) eq 'Mail::DKIM::ARC::Seal' ? 'as' : ref($signature) eq 'Mail::DKIM::ARC::MessageSignature' ? 'ams' : ref($signature); push @items, "$type." . ( $signature->instance() || '' ) . '.' . ( $signature->domain() || '(none)' ) . '=' . ( $signature->result_detail() || '?' ); } return $self->{result} . ' (' . join( ', ', @items ) . ')'; } sub signatures { my $self = shift; croak 'unexpected argument' if @_; return @{ $self->{signatures} }; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::ARC::Verifier - verifies an ARC-Sealed message =head1 VERSION version 1.20200907 =head1 SYNOPSIS use Mail::DKIM::ARC::Verifier; # create a verifier object my $arc = Mail::DKIM::ARC::Verifier->new(); # read an email from a file handle $arc->load(*STDIN); # or read an email and pass it into the verifier, incrementally while () { # remove local line terminators chomp; s/\015$//; # use SMTP line terminators $arc->PRINT("$_\015\012"); } $arc->CLOSE; # what is the result of the verify? my $result = $arc->result; # print the results for all the message-signatures and seals on the message foreach my $signature ($arc->signatures) { print $signature->prefix() . ' v=' . $signature->instance . ' ' . $signature->result_detail . "\n"; } # example output. Note that to pass, only the MOST RECENT ARC-Message-Signature # must match, because other steps may have modified the signature. What matters # is that all ARC-Seals pass, and the most recent ARC-Message-Signature passes. =head1 DESCRIPTION The verifier object allows an email message to be scanned for ARC seals and their associated signatures to be verified. The verifier tracks the state of the message as it is read into memory. When the message has been completely read, the signatures are verified and the results of the verification can be accessed. To use the verifier, first create the verifier object. Then start "feeding" it the email message to be verified. When all the _headers_ have been read, the verifier: 1. checks whether any ARC signatures were found 2. queries for the public keys needed to verify the signatures 3. sets up the appropriate algorithms and canonicalization objects 4. canonicalizes the headers and computes the header hash Then, when the _body_ of the message has been completely fed into the verifier, the body hash is computed and the signatures are verified. The results of the verification can be checked with L or L. The final result is calculated by the algorithm layed out in https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-06 - if ALL ARC-Seal headers pass and the highest index (i=) ARC-Message-Signature passes, then the seal is intact. =head1 CONSTRUCTOR =head2 new() Constructs an object-oriented verifier. my $arc = Mail::DKIM::ARC::Verifier->new(); my $arc = Mail::DKIM::ARC::Verifier->new(%options); The only options supported at this time are: =over =item AS_Canonicalization if specified, the canonicalized message for the ARC-Seal is written to the referenced string or file handle. =item AMA_Canonicalization if specified, the canonicalized message for the ARC-Message-Signature is written to the referenced string or file handle. =item Strict If true, rejects sha1 hashes and signing keys shorter than 1024 bits. =back =head1 METHODS =head2 PRINT() Feeds part of the message to the verifier. $arc->PRINT("a line of the message\015\012"); $arc->PRINT('more of'); $arc->PRINT(" the message\015\012bye\015\012"); Feeds content of the message being verified into the verifier. The API is designed this way so that the entire message does NOT need to be read into memory at once. Please note that although the PRINT() method expects you to use SMTP-style line termination characters, you should NOT use the SMTP-style dot-stuffing technique described in RFC 2821 section 4.5.2. Nor should you use a . sequence to terminate the message. =head2 CLOSE() Call this when finished feeding in the message. $arc->CLOSE; This method finishes the canonicalization process, computes a hash, and verifies the signature. =head2 load() Load the entire message from a file handle. $arc->load($file_handle); Reads a complete message from the designated file handle, feeding it into the verifier. The message must use line terminators (same as the SMTP protocol). =head2 message_originator() Access the "From" header. my $address = $arc->message_originator; Returns the "originator address" found in the message, as a L object. This is typically the (first) name and email address found in the From: header. If there is no From: header, then an empty L object is returned. To get just the email address part, do: my $email = $arc->message_originator->address; See also L. =head2 message_sender() Access the "From" or "Sender" header. my $address = $arc->message_sender; Returns the "sender" found in the message, as a L object. This is typically the (first) name and email address found in the Sender: header. If there is no Sender: header, it is the first name and email address in the From: header. If neither header is present, then an empty L object is returned. To get just the email address part, do: my $email = $arc->message_sender->address; The "sender" is the mailbox of the agent responsible for the actual transmission of the message. For example, if a secretary were to send a message for another person, the "sender" would be the secretary and the "originator" would be the actual author. =head2 result() Access the result of the verification. my $result = $arc->result; Gives the result of the verification. The following values are possible: =over =item pass Returned if a valid ARC chain was found, with all the ARC-Seals passing, and the most recent (highest index) ARC-Message-Signature passing. =item fail Returned if any ARC-Seal failed, or if the ARC-Message-Signature failed. Will also be a fail if there is a DNS temporary failure, which is a known flaw in this version of the ARC::Verifier. Future versions may reject this message outright (4xx) and ask the sender to attempt delivery later to avoid creating a broken chain. There is no temperror for ARC, as it doesn't make sense to sign a chain with temperror in it or every spammer would just use one of those. =item invalid Returned if a ARC-Seal could not be checked because of a problem in the signature itself or the public key record. I.e. the signature could not be processed. =item none Returned if no ARC-* headers were found. =back =head2 result_detail() Access the result, plus details if available. my $detail = $dkim->result_detail; The detail is constructed by taking the result (e.g. "pass", "fail", "invalid" or "none") and appending any details provided by the verification process for the topmost ARC-Seal in parenthesis. The following are possible results from the result_detail() method: pass fail (bad RSA signature) fail (OpenSSL error: ...) fail (message has been altered) fail (body has been altered) invalid (bad instance) invalid (invalid domain in d tag) invalid (missing q tag) invalid (missing d tag) invalid (missing s tag) invalid (unsupported version 0.1) invalid (unsupported algorithm ...) invalid (unsupported canonicalization ...) invalid (unsupported query protocol ...) invalid (signature is expired) invalid (public key: not available) invalid (public key: unknown query type ...) invalid (public key: syntax error) invalid (public key: unsupported version) invalid (public key: unsupported key type) invalid (public key: missing p= tag) invalid (public key: invalid data) invalid (public key: does not support email) invalid (public key: does not support hash algorithm 'sha1') invalid (public key: does not support signing subdomains) invalid (public key: revoked) invalid (public key: granularity mismatch) invalid (public key: granularity is empty) invalid (public key: OpenSSL error: ...) none =head2 signatures() Access all of this message's signatures. my @all_signatures = $arc->signatures; Use $signature->result or $signature->result_detail to access the verification results of each signature. Use $signature->instance and $signature->prefix to find the instance and header-name for each signature. =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/ARC/Seal.pm0000644000175000017500000001134513725344750016171 0ustar marcmarcpackage Mail::DKIM::ARC::Seal; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: represents a ARC-Seal header # Copyright 2017 FastMail Pty Ltd. All Rights Reserved. # Bron Gondwana # # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::ARC::MessageSignature'; sub new { my $class = shift; my %prms = @_; my $self = {}; bless $self, $class; $self->instance( $prms{'Instance'} ) if exists $prms{'Instance'}; $self->algorithm( $prms{'Algorithm'} || 'rsa-sha256' ); $self->signature( $prms{'Signature'} ); $self->canonicalization( $prms{'Method'} ) if exists $prms{'Method'}; $self->chain( $prms{'Chain'} || 'none' ); $self->domain( $prms{'Domain'} ); $self->selector( $prms{'Selector'} ); $self->timestamp( defined $prms{'Timestamp'} ? $prms{'Timestamp'} : time() ); $self->expiration( $prms{'Expiration'} ) if defined $prms{'Expiration'}; $self->key( $prms{'Key'} ) if defined $prms{'Key'}; return $self; } sub body_hash { # Not defined for ARC-Seal return; } sub DEFAULT_PREFIX { return 'ARC-Seal:'; } sub chain { my $self = shift; if (@_) { my $cv = shift; die "INVALID chain value $cv" unless grep { $cv eq $_ } qw(none fail pass); $self->set_tag( 'cv', $cv ); } return $self->get_tag('cv'); } sub canonicalization { return ( 'seal', 'seal' ); } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::ARC::Seal - represents a ARC-Seal header =head1 VERSION version 1.20200907 =head1 CONSTRUCTORS =head2 new() - create a new signature from parameters my $signature = Mail::DKIM::ARC::Seal->new( [ Algorithm => 'rsa-sha256', ] [ Signature => $base64, ] [ Domain => 'example.org', ] [ Instance => 1, ] [ Chain => 'none', ] # none|fail|pass [ Query => 'dns', ] [ Selector => 'alpha', ] [ Timestamp => time(), ] [ Expiration => time() + 86400, ] ); The ARC-Seal is similar to a DKIM signature but with the following changes: https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-06 5.1.1.1. Tags in the ARC-Seal Header Field Value The following tags are the only supported tags for an ARC-Seal field. All of them MUST be present. Unknown tags MUST be ignored and do not affect the validity of the header. o a = hash algorithm; syntax is the same as the "a=" tag defined in Section 3.5 of [RFC6376]; o b = digital signature; syntax is the same as the "b=" tag defined in Section 3.5 of [RFC6376]; o cv = chain validation status: valid values: * 'none' = no pre-existing chain; * 'fail' = the chain as received does not or can not validate; or * 'pass' = valid chain received. o d = domain for key; syntax is the same as the "d=" tag defined in Section 3.5 of [RFC6376]; o i = "instance" or sequence number; monotonically increasing at each "sealing" entity, beginning with '1', see Section 5.1.1.1.1 regarding the valid range o s = selector for key; syntax is the same as the "s=" tag defined in Section 3.5 of [RFC6376]; o t = timestamp; syntax is the same as the "t=" tag defined in Section 3.5 of [RFC6376]. =head2 chain() - get or set the chain parameter (cv=) field This must be one of "pass", "fail" or "none". For a chain to be valid, the very first (i=1) seal MUST be cv=none, and all further seals MUST be cv=pass. =head2 instance() - get or set the signing instance (i=) field my $i = $signature->instance; Instances must be integers less than 1024 according to the spec. =head1 SEE ALSO L for DKIM-Signature headers L for ARC-Message-Signature headers =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/ARC/Signer.pm0000644000175000017500000006404513725344750016541 0ustar marcmarcpackage Mail::DKIM::ARC::Signer; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: generates a DKIM signature for a message # Copyright 2017 FastMail Pty Ltd. All Rights Reserved. # Bron Gondwana # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::DKIM::PrivateKey; use Mail::DKIM::ARC::MessageSignature; use Mail::DKIM::ARC::Seal; use Mail::AuthenticationResults::Parser; use Mail::AuthenticationResults::Header::AuthServID; use base 'Mail::DKIM::Common'; use Carp; # PROPERTIES # # public: # # $signer->{Algorithm} # identifies what algorithm to use when signing the message # default is "rsa-sha256" # # $signer->{Domain} # identifies what domain the message is signed for # # $signer->{SrvId} # identifies what authserv-id is in the A-R headers # # $signer->{KeyFile} # name of the file containing the private key used to sign # # $signer->{Policy} # a signing policy (of type Mail::DKIM::SigningPolicy) # # $signer->{Selector} # identifies name of the selector identifying the key # # $signer->{Key} # the loaded private key # # private: # # $signer->{algorithms} = [] # an array of algorithm objects... an algorithm object is created for # each signature being added to the message # # $signer->{result} # result of the signing policy: "signed" or "skipped" # # $signer->{details} # why we skipped this signature # # $signer->{signature} # the created signature (of type Mail::DKIM::Signature) sub init { my $self = shift; $self->SUPER::init; if ( defined $self->{KeyFile} ) { $self->{Key} ||= Mail::DKIM::PrivateKey->load( File => $self->{KeyFile} ); } unless ( $self->{'Algorithm'} ) { # use default algorithm $self->{'Algorithm'} = 'rsa-sha256'; } unless ( $self->{'Domain'} ) { # use default domain $self->{'Domain'} = 'example.org'; } unless ( $self->{'SrvId'} ) { # use default domain $self->{'SrvId'} = $self->{'Domain'}; } unless ( $self->{'Selector'} ) { # use default selector $self->{'Selector'} = 'unknown'; } $self->{result} = '?'; # better update this before we finish die 'Invalid signing algorithm' unless $self->{Algorithm} eq 'rsa-sha256'; # add ed25519 sometime die 'Need a valid chain value' unless $self->{Chain} and $self->{Chain} =~ m{^(pass|fail|none|ar)$}; } sub finish_header { my $self = shift; # add the AAR header my @aar; my @ams; my @as; my $ar; HEADER: foreach my $header ( @{ $self->{headers} } ) { $header =~ s/[\r\n]+$//; if ( $header =~ m/^Authentication-Results:/ ) { my ( $arval ) = $header =~ m/^Authentication-Results:[^;]*;[\t ]*(.*)/is; my $parsed; eval { $parsed= Mail::AuthenticationResults::Parser->new ->parse( $header ); 1 } || do { my $error = $@; warn "Authentication-Results Header parse error: $error\n$header"; next HEADER; }; my $ardom = $parsed->value->value; next unless "\L$ardom" eq $self->{SrvId}; # make sure it's our domain $arval =~ s/;?\s*$//; # ignore trailing semicolon and whitespace # preserve leading fold if there is one, otherwise set one leading space $arval =~ s/^\s*/ / unless ($arval =~ m/^\015\012/); if ($ar) { $ar .= ";$arval"; } else { $ar = "$ardom;$arval"; } # get chain value from A-R header $self->{Chain} = $1 if $self->{Chain} eq 'ar' and $arval =~ m{\barc=(none|pass|fail)}; } else { # parse ARC headers to make sure we have completeness if ( $header =~ m/^ARC-/ ) { if ( !$ar ) { $self->{result} = 'skipped'; $self->{details} = 'ARC header seen before Authentication-Results'; return; } if ( $self->{Chain} eq 'ar' ) { $self->{result} = 'skipped'; $self->{details} = 'No ARC result found in Authentication-Results'; return; } } if ( $header =~ m/^ARC-Seal:/ ) { my $seal = Mail::DKIM::ARC::Seal->parse($header); my $i = $seal->instance; if ( $as[$i] ) { $self->{result} = 'skipped'; $self->{details} = "Duplicate ARC-Seal $i"; return; } $as[$i] = $seal; } elsif ( $header =~ m/^ARC-Message-Signature:/ ) { my $sig = Mail::DKIM::ARC::MessageSignature->parse($header); my $i = $sig->instance; if ( $ams[$i] ) { $self->{result} = 'skipped'; $self->{details} = "Duplicate ARC-Message-Signature $i"; return; } $ams[$i] = $sig; } elsif ( $header =~ m/^ARC-Authentication-Results:\s*i=(\d+)/ ) { my $i = $1; if ( $aar[$i] ) { $self->{result} = 'skipped'; $self->{details} = "Duplicate ARC-Authentication-Results $i"; return; } $aar[$i] = $header; } } } unless ($ar) { $self->{result} = 'skipped'; $self->{details} = 'No authentication results seen'; return; } $self->{Chain} = 'none' if ($self->{Chain} eq 'ar'); if ( $#ams > $#as ) { $self->{result} = 'skipped'; $self->{details} = 'More message signatures than seals'; return; } if ( $#aar > $#as ) { $self->{result} = 'skipped'; $self->{details} = 'More authentication results than seals'; return; } foreach my $i ( 1 .. $#as ) { unless ( $as[$i] ) { $self->{result} = 'skipped'; $self->{details} = "Missing ARC-Seal $i"; return; } unless ( $ams[$i] ) { $self->{result} = 'skipped'; $self->{details} = "Missing Arc-Message-Signature $i"; return; } # don't care about authentication results, they are compulsary } $self->{_Instance} = @as || 1; # next instance value # first add the AAR header $self->{_AAR} = "ARC-Authentication-Results: i=$self->{_Instance}; $ar"; unshift @{ $self->{headers} }, $self->{_AAR}; # set up the signer for AMS $self->add_signature( Mail::DKIM::ARC::MessageSignature->new( Algorithm => $self->{Algorithm}, Headers => $self->headers, Instance => $self->{_Instance}, Method => 'relaxed/relaxed', Domain => $self->{Domain}, Selector => $self->{Selector}, Key => $self->{Key}, KeyFile => $self->{KeyFile}, ( $self->{Timestamp} ? ( Timestamp => $self->{Timestamp} ) : () ), ) ); foreach my $algorithm ( @{ $self->{algorithms} } ) { # output header as received so far into canonicalization foreach my $header ( @{ $self->{headers} } ) { $algorithm->add_header($header); } $algorithm->finish_header( Headers => $self->{headers} ); } } sub finish_body { my $self = shift; if ( $self->{result} eq 'skipped' ) { # already failed $self->{_AS} = undef; return; } foreach my $algorithm ( @{ $self->{algorithms} } ) { # finished canonicalizing $algorithm->finish_body; # load the private key file if necessary my $signature = $algorithm->signature; my $key = $signature->{Key} || $signature->{KeyFile} || $self->{Key} || $self->{KeyFile}; if ( defined($key) && !ref($key) ) { $key = Mail::DKIM::PrivateKey->load( File => $key ); } $key or die "no key available to sign with\n"; # compute signature value my $signb64 = $algorithm->sign($key); $signature->data($signb64); # insert linebreaks in signature data, if desired $signature->prettify_safe(); $self->{_AMS} = $signature->as_string(); unshift @{ $self->{headers} }, $self->{_AMS}; } # reset the internal state $self->{signatures} = []; $self->{algorithms} = []; $self->add_signature( Mail::DKIM::ARC::Seal->new( Algorithm => $self->{Algorithm}, Chain => $self->{Chain}, Headers => $self->headers, Instance => $self->{_Instance}, Domain => $self->{Domain}, Selector => $self->{Selector}, Key => $self->{Key}, KeyFile => $self->{KeyFile}, ( $self->{Timestamp} ? ( Timestamp => $self->{Timestamp} ) : () ), ) ); foreach my $algorithm ( @{ $self->{algorithms} } ) { # output header as received so far into canonicalization foreach my $header ( @{ $self->{headers} } ) { $algorithm->add_header($header); } # chain needed for seal canonicalization $algorithm->finish_header( Headers => $self->{headers}, Chain => $self->{Chain} ); # no body is required for ARC-Seal # finished canonicalizing $algorithm->finish_body; # load the private key file if necessary my $signature = $algorithm->signature; my $key = $signature->{Key} || $signature->{KeyFile} || $self->{Key} || $self->{KeyFile}; if ( defined($key) && !ref($key) ) { $key = Mail::DKIM::PrivateKey->load( File => $key ); } $key or die "no key available to sign ARC-Seal\n"; # compute signature value my $signb64 = $algorithm->sign($key); $signature->data($signb64); # insert linebreaks in signature data, if desired $signature->prettify_safe(); $self->{_AS} = $signature->as_string(); } $self->{result} = 'sealed'; } sub add_signature { my $self = shift; my $signature = shift; # create a canonicalization filter and algorithm my $algorithm_class = $signature->get_algorithm_class( $signature->algorithm ) or die 'unsupported algorithm ' . ( $signature->algorithm || '' ) . "\n"; my $algorithm = $algorithm_class->new( Signature => $signature, Debug_Canonicalization => $self->{Debug_Canonicalization}, ); push @{ $self->{algorithms} }, $algorithm; return; } sub algorithm { my $self = shift; if ( @_ == 1 ) { $self->{Algorithm} = shift; } return $self->{Algorithm}; } sub domain { my $self = shift; if ( @_ == 1 ) { $self->{Domain} = shift; } return $self->{Domain}; } # these are headers that "should" be included in the signature, # according to the DKIM spec. my @DEFAULT_HEADERS = qw(From Sender Reply-To Subject Date Message-ID To Cc MIME-Version Content-Type Content-Transfer-Encoding Content-ID Content-Description Resent-Date Resent-From Resent-Sender Resent-To Resent-cc Resent-Message-ID In-Reply-To References List-Id List-Help List-Unsubscribe List-Subscribe List-Post List-Owner List-Archive); sub process_headers_hash { my $self = shift; my @headers; # these are the header fields we found in the message we're signing my @found_headers = @{ $self->{header_field_names} }; # Convert all keys to lower case foreach my $header ( keys %{ $self->{'ExtendedHeaders'} } ) { next if $header eq lc $header; if ( exists $self->{'ExtendedHeaders'}->{ lc $header } ) { # Merge my $first = $self->{'ExtendedHeaders'}->{ lc $header }; my $second = $self->{'ExtendedHeaders'}->{$header}; if ( $first eq '+' || $second eq '+' ) { $self->{'ExtendedHeaders'}->{ lc $header } = '+'; } elsif ( $first eq '*' || $second eq '*' ) { $self->{'ExtendedHeaders'}->{ lc $header } = '*'; } else { $self->{'ExtendedHeaders'}->{ lc $header } = $first + $second; } } else { # Rename $self->{'ExtendedHeaders'}->{ lc $header } = $self->{'ExtendedHeaders'}->{$header}; } delete $self->{'ExtendedHeaders'}->{$header}; } # Add the default headers if ( !$self->{'NoDefaultHeaders'} ) { foreach my $default (@DEFAULT_HEADERS) { if ( !exists $self->{'ExtendedHeaders'}->{ lc $default } ) { $self->{'ExtendedHeaders'}->{ lc $default } = '*'; } } } # Build a count of found headers my $header_counts = {}; foreach my $header (@found_headers) { if ( !exists $header_counts->{ lc $header } ) { $header_counts->{ lc $header } = 1; } else { $header_counts->{ lc $header } = $header_counts->{ lc $header } + 1; } } foreach my $header ( sort keys %{ $self->{'ExtendedHeaders'} } ) { my $want_count = $self->{'ExtendedHeaders'}->{$header}; my $have_count = $header_counts->{ lc $header } || 0; my $add_count = 0; if ( $want_count eq '+' ) { $add_count = $have_count + 1; } elsif ( $want_count eq '*' ) { $add_count = $have_count; } else { if ( $want_count > $have_count ) { $add_count = $have_count; } else { $add_count = $want_count; } } for ( 1 .. $add_count ) { push @headers, $header; } } return join( ':', @headers ); } sub extended_headers { my $self = shift; $self->{'ExtendedHeaders'} = shift; return; } sub headers { my $self = shift; croak 'unexpected argument' if @_; if ( exists $self->{'ExtendedHeaders'} ) { return $self->process_headers_hash(); } # these are the header fields we found in the message we're signing my @found_headers = @{ $self->{header_field_names} }; # these are the headers we actually want to sign my @wanted_headers; if ( !$self->{'NoDefaultHeaders'} ) { @wanted_headers = @DEFAULT_HEADERS; } if ( $self->{Headers} ) { push @wanted_headers, split /:/, $self->{Headers}; } my @headers = grep { my $a = $_; scalar grep { lc($a) eq lc($_) } @wanted_headers } @found_headers; return join( ':', @headers ); } # return nonzero if this is header we should sign sub want_header { my $self = shift; my ($header_name) = @_; #TODO- provide a way for user to specify which headers to sign return scalar grep { lc($_) eq lc($header_name) } @DEFAULT_HEADERS; } sub key { my $self = shift; if (@_) { $self->{Key} = shift; $self->{KeyFile} = undef; } return $self->{Key}; } sub key_file { my $self = shift; if (@_) { $self->{Key} = undef; $self->{KeyFile} = shift; } return $self->{KeyFile}; } sub selector { my $self = shift; if ( @_ == 1 ) { $self->{Selector} = shift; } return $self->{Selector}; } sub signatures { my $self = shift; croak 'no arguments allowed' if @_; return map { $_->signature } @{ $self->{algorithms} }; } sub as_string { my $self = shift; return '' unless $self->{_AS}; # skipped, no signature return join( "\015\012", $self->{_AS}, $self->{_AMS}, $self->{_AAR}, '' ); } sub as_strings { my $self = shift; return ( $self->{_AS}, $self->{_AMS}, $self->{_AAR} ); } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::ARC::Signer - generates a DKIM signature for a message =head1 VERSION version 1.20200907 =head1 SYNOPSIS use Mail::DKIM::ARC::Signer; use Mail::DKIM::TextWrap; #recommended # create a signer object my $signer = Mail::DKIM::ARC::Signer->new( Algorithm => 'rsa-sha256', Chain => 'none', # or pass|fail|ar Domain => 'example.org', SrvId => 'example.org', Selector => 'selector1', KeyFile => 'private.key', Headers => 'x-header:x-header2', ); # read an email from a file handle $signer->load(*STDIN); # NOTE: any email being ARC signed must have an Authentication-Results # header so that the ARC seal can cover those results copied into # an ARC-Authentication-Results header. # or read an email and pass it into the signer, one line at a time while () { # remove local line terminators chomp; s/\015$//; # use SMTP line terminators $signer->PRINT("$_\015\012"); } $signer->CLOSE; die 'Failed' $signer->result_details() unless $signer->result() eq 'sealed'; # Get all the signature headers to prepend to the message # ARC-Seal, ARC-Message-Signature and ARC-Authentication-Results # in that order. print $signer->as_string; =head1 DESCRIPTION This class is the part of L responsible for generating ARC Seals for a given message. You create an object of this class, specifying the parameters for the ARC-Message-Signature you wish to create. You also need to pass the 'Chain' value (pass or fail) from validation of the previous ARC-Seals on the message. Next, you feed it the entire message using L, completing with L. Finally, use the L method to get the new ARC headers. Note: you can only seal a message which has already had an Authentication-Results header added, either by using L to pre-feed it into this module, or by adding a message which has already been authenticated by your inbound scanning mechanisms. It is not necessary to ARC-Seal a message which already has DKIM signatures if you are not modifying the message and hence breaking the existing DKIM-Signature or top ARC-Message-Signature on the email. =head2 Pretty Signatures L includes a signature-wrapping module (which inserts linebreaks into the generated signature so that it looks nicer in the resulting message. To enable this module, simply call use Mail::DKIM::TextWrap; in your program before generating the signature. =head1 CONSTRUCTOR =head2 new() Construct an object-oriented signer. # create a signer using the default policy my $signer = Mail::DKIM::ARC::Signer->new( Algorithm => 'rsa-sha256', Chain => 'none', # or pass|fail|ar Domain => 'example.org', SrvId => 'example.org', Selector => 'selector1', KeyFile => 'private.key', Headers => 'x-header:x-header2', ); =over =item Key rather than using C, use C to use an already-loaded L object. =item Chain The cv= value for the Arc-Seal header. "ar" means to copy it from an Authentication-Results header, or use none if there isn't one. =item SrvId The authserv-id in the Authentication-Results headers, defaults to Domain. =item Headers A colon separated list of headers to sign, this is added to the list of default headers as shown in in the DKIM specification. For each specified header all headers of that type which are present in the message will be signed, but we will not oversign or sign headers which are not present. If you require greater control over signed headers please use the extended_headers() method instead. The list of headers signed by default is as follows From Sender Reply-To Subject Date Message-ID To Cc MIME-Version Content-Type Content-Transfer-Encoding Content-ID Content-Description Resent-Date Resent-From Resent-Sender Resent-To Resent-cc Resent-Message-ID In-Reply-To References List-Id List-Help List-Unsubscribe List-Subscribe List-Post List-Owner List-Archive =back =head1 METHODS =head2 PRINT() Feed part of the message to the signer. $signer->PRINT("a line of the message\015\012"); Feeds content of the message being signed into the signer. The API is designed this way so that the entire message does NOT need to be read into memory at once. Please note that although the PRINT() method expects you to use SMTP-style line termination characters, you should NOT use the SMTP-style dot-stuffing technique described in RFC 2821 section 4.5.2. Nor should you use a . sequence to terminate the message. =head2 CLOSE() Call this when finished feeding in the message. $signer->CLOSE; This method finishes the canonicalization process, computes a hash, and generates a signature. =head2 extended_headers() This method overrides the headers to be signed and allows more control than is possible with the Headers property in the constructor. The method expects a HashRef to be passed in. The Keys are the headers to sign, and the values are either the number of headers of that type to sign, or the special values '*' and '+'. * will sign ALL headers of that type present in the message. + will sign ALL + 1 headers of that type present in the message to prevent additional headers being added. You may override any of the default headers by including them in the hashref, and disable them by giving them a 0 value. Keys are case insensitive with the values being added upto the highest value. Headers => { 'X-test' => '*', 'x-test' => '1', 'Subject' => '+', 'Sender' => 0, }, =head2 add_signature() Used by signer policy to create a new signature. $signer->add_signature(new Mail::DKIM::Signature(...)); Signer policies can use this method to specify complete parameters for the signature to add, including what type of signature. For more information, see L. =head2 algorithm() Get or set the selected algorithm. $alg = $signer->algorithm; $signer->algorithm('rsa-sha256'); =head2 domain() Get or set the selected domain. $alg = $signer->domain; $signer->domain('example.org'); =head2 load() Load the entire message from a file handle. $signer->load($file_handle); Reads a complete message from the designated file handle, feeding it into the signer. The message must use line terminators (same as the SMTP protocol). =head2 headers() Determine which headers to put in signature. my $headers = $signer->headers; This is a string containing the names of the header fields that will be signed, separated by colons. =head2 key() Get or set the private key object. my $key = $signer->key; $signer->key(Mail::DKIM::PrivateKey->load(File => 'private.key')); The key object can be any object that implements the L. (Providing your own object can be useful if your actual keys are stored out-of-process.) If you use this method to specify a private key, do not use L. =head2 key_file() Get or set the filename containing the private key. my $filename = $signer->key_file; $signer->key_file('private.key'); If you use this method to specify a private key file, do not use L. =head2 message_originator() Access the "From" header. my $address = $signer->message_originator; Returns the "originator address" found in the message, as a L object. This is typically the (first) name and email address found in the From: header. If there is no From: header, then an empty L object is returned. To get just the email address part, do: my $email = $signer->message_originator->address; See also L. =head2 message_sender() Access the "From" or "Sender" header. my $address = $dkim->message_sender; Returns the "sender" found in the message, as a L object. This is typically the (first) name and email address found in the Sender: header. If there is no Sender: header, it is the first name and email address in the From: header. If neither header is present, then an empty L object is returned. To get just the email address part, do: my $email = $dkim->message_sender->address; The "sender" is the mailbox of the agent responsible for the actual transmission of the message. For example, if a secretary were to send a message for another person, the "sender" would be the secretary and the "originator" would be the actual author. =head2 selector() Get or set the current key selector. $alg = $dkim->selector; $dkim->selector('alpha'); =head2 signatures() Access list of generated signature objects. my @signatures = $dkim->signatures; Returns all generated signatures, as a list. =head2 as_string() Returns the new ARC headers my $pre_headers = $signer->as_string(); The headers are separated by \015\012 (SMTP line separator) including a trailing separator, so can be directly injected in front of the raw message. =head2 as_strings() Returns the new ARC headers my @pre_headers = $signer->as_string(); The headers are returned as a list so you can add whatever line ending your local MTA prefers. =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/KeyValueList.pm0000644000175000017500000001374513725344750017267 0ustar marcmarcpackage Mail::DKIM::KeyValueList; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: Represents a Key/Value list # Copyright 2005-2007 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Carp; sub new { my $class = shift; my %args = @_; my $self = bless \%args, $class; return $self; } sub parse { my $self_or_class = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($string) = @_; my $self = ref($self_or_class) ? $self_or_class : $self_or_class->new; $self->{tags} = []; $self->{tags_by_name} = {}; foreach my $raw_tag ( split /;/, $string, -1 ) { my $tag = { raw => $raw_tag }; push @{ $self->{tags} }, $tag; # strip preceding and trailing whitespace $raw_tag =~ s/^\s+|\s*$//g; next if ( $raw_tag eq '' ); my ( $tagname, $value ) = split( /\s*=\s*/, $raw_tag, 2 ); unless ( defined $value ) { die "syntax error\n"; } $tag->{name} = $tagname; $tag->{value} = $value; $self->{tags_by_name}->{$tagname} = $tag; } return $self; } sub clone { my $self = shift; my $str = $self->as_string; return ref($self)->parse($str); } sub get_tag { my $self = shift; my ($tagname) = @_; if ( $self->{tags_by_name}->{$tagname} ) { return $self->{tags_by_name}->{$tagname}->{value}; } return undef; } sub set_tag { my $self = shift; my ( $tagname, $value ) = @_; if ( $tagname =~ /[;=\015\012\t ]/ ) { croak 'invalid tag name'; } if ( defined $value ) { if ( $value =~ /;/ ) { croak 'invalid tag value'; } if ( $value =~ /\015\012[^\t ]/ ) { croak 'invalid tag value'; } if ( $self->{tags_by_name}->{$tagname} ) { $self->{tags_by_name}->{$tagname}->{value} = $value; my ( $rawname, $rawvalue ) = split( /=/, $self->{tags_by_name}->{$tagname}->{raw}, 2 ); $self->{tags_by_name}->{$tagname}->{raw} = "$rawname=$value"; } else { my $tag = { name => $tagname, value => $value, raw => " $tagname=$value" }; push @{ $self->{tags} }, $tag; $self->{tags_by_name}->{$tagname} = $tag; } } else { if ( $self->{tags_by_name}->{$tagname} ) { delete $self->{tags_by_name}->{$tagname}; } @{ $self->{tags} } = grep { $_->{name} ne $tagname } @{ $self->{tags} }; } } sub as_string { my $self = shift; if ($Mail::DKIM::SORTTAGS) { return join( ';', sort map { $_->{raw} } @{ $self->{tags} } ); } return join( ';', map { $_->{raw} } @{ $self->{tags} } ); } # Start - length of the signature's prefix # Margin - how far to the right the text can go # Insert - characters to insert when wrapping a line # Tags - special processing for tags # Default - how to handle unspecified tags # PreserveNames - if set, the name= part of the tag will be preserved sub wrap { my $self = shift; my %args = @_; my $TEXTWRAP_CLASS = 'Mail::DKIM::TextWrap'; return unless ( UNIVERSAL::can( $TEXTWRAP_CLASS, 'new' ) ); my $result = ''; my $wrap = $TEXTWRAP_CLASS->new( Output => \$result, Separator => $args{Insert} || "\015\012\t", Margin => $args{Margin} || 72, cur => $args{Start} || 0, ); my $did_first; foreach my $tag ( @{ $self->{tags} } ) { my $tagname = $tag->{name}; my $tagtype = $args{Tags}->{$tagname} || $args{Default} || ''; $wrap->{Break} = undef; $wrap->{BreakBefore} = undef; $did_first ? $wrap->add(';') : ( $did_first = 1 ); my ( $raw_name, $raw_value ) = split( /=/, $tag->{raw}, 2 ); unless ( $args{PreserveNames} ) { $wrap->flush; #allow a break before the tag name $raw_name =~ s/^\s*/ /; $raw_name =~ s/\s+$//; } $wrap->add( $raw_name . '=' ); if ( $tagtype eq 'b64' ) { $raw_value =~ s/\s+//gs; #removes all whitespace $wrap->flush; $wrap->{Break} = qr/./; } elsif ( $tagtype eq 'list' ) { $raw_value =~ s/\s+/ /gs; #reduces any whitespace to single space $raw_value =~ s/^\s|\s$//g; #trims preceding/trailing spaces $raw_value =~ s/\s*:\s*/:/g; $wrap->flush; $wrap->{Break} = qr/[\s]/; $wrap->{BreakBefore} = qr/[:]/; } elsif ( $tagtype eq '' ) { $raw_value =~ s/\s+/ /gs; #reduces any whitespace to single space $raw_value =~ s/^\s|\s$//g; #trims preceding/trailing spaces $wrap->flush; $wrap->{Break} = qr/\s/; } $wrap->add($raw_value); } $wrap->finish; parse( $self, $result ); return; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::KeyValueList - Represents a Key/Value list =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/DkSignature.pm0000644000175000017500000002331713725344750017122 0ustar marcmarcpackage Mail::DKIM::DkSignature; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: represents a DomainKeys-Signature header # Copyright 2005-2006 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::DKIM::PublicKey; use Mail::DKIM::Algorithm::dk_rsa_sha1; use base 'Mail::DKIM::Signature'; use Carp; sub new { my $type = shift; my %prms = @_; my $self = {}; bless $self, $type; $self->algorithm( $prms{'Algorithm'} || 'rsa-sha1' ); $self->signature( $prms{'Signature'} ); $self->canonicalization( $prms{'Method'} || 'simple' ); $self->domain( $prms{'Domain'} ); $self->headerlist( $prms{'Headers'} ); $self->protocol( $prms{'Query'} || 'dns' ); $self->selector( $prms{'Selector'} ); $self->key( $prms{'Key'} ) if defined $prms{'Key'}; return $self; } sub parse { my $class = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($string) = @_; # remove line terminator, if present $string =~ s/\015\012\z//; # remove field name, if present my $prefix; if ( $string =~ /^(domainkey-signature:)(.*)/si ) { # save the field name (capitalization), so that it can be # restored later $prefix = $1; $string = $2; } my $self = $class->Mail::DKIM::KeyValueList::parse($string); $self->{prefix} = $prefix; return $self; } sub as_string_without_data { croak 'as_string_without_data not implemented'; } sub body_count { croak 'body_count not implemented'; } sub body_hash { croak 'body_hash not implemented'; } sub algorithm { my $self = shift; if (@_) { $self->set_tag( 'a', shift ); } my $a = $self->get_tag('a'); return defined $a && $a ne '' ? lc $a : 'rsa-sha1'; } sub canonicalization { my $self = shift; croak 'too many arguments' if ( @_ > 1 ); if (@_) { $self->set_tag( 'c', shift ); } return lc( $self->get_tag('c') ) || 'simple'; } sub DEFAULT_PREFIX { return 'DomainKey-Signature:'; } sub domain { my $self = shift; if (@_) { $self->set_tag( 'd', shift ); } my $d = $self->get_tag('d'); return defined $d ? lc $d : undef; } sub expiration { my $self = shift; croak 'cannot change expiration on ' . ref($self) if @_; return undef; } use MIME::Base64; sub check_canonicalization { my $self = shift; my $c = $self->canonicalization; my @known = ( 'nofws', 'simple' ); return unless ( grep { $_ eq $c } @known ); return 1; } # Returns a filtered list of protocols that can be used to fetch the # public key corresponding to this signature. An empty list means that # all designated protocols are unrecognized. # Note: at this time, the only recognized protocol for DomainKey # signatures is "dns". # sub check_protocol { my $self = shift; my $protocol = $self->protocol; return 'dns/txt' if $protocol && $protocol eq 'dns'; return; } sub check_version { #DomainKeys doesn't have a v= tag return 1; } sub get_algorithm_class { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($algorithm) = @_; my $class = $algorithm eq 'rsa-sha1' ? 'Mail::DKIM::Algorithm::dk_rsa_sha1' : undef; return $class; } # get_public_key - same as parent class sub hash_algorithm { my $self = shift; my $algorithm = $self->algorithm; return $algorithm eq 'rsa-sha1' ? 'sha1' : undef; } #sub headerlist # is in Signature.pm sub identity { my $self = shift; croak 'cannot change identity on ' . ref($self) if @_; return $self->{dk_identity}; } sub identity_source { my $self = shift; croak 'unexpected argument' if @_; return $self->{dk_identity_source}; } # init_identity() - initialize the DomainKeys concept of identity # # The signing identity of a DomainKeys signature is the sender # of the message itself, i.e. the address in the Sender/From header. # The sender may not be known when the signature object is # constructed (since the signature usually precedes the From/Sender # header), so use this method when you have the From/Sender value. # See also finish_header() in Mail::DKIM::Verifier. # sub init_identity { my $self = shift; $self->{dk_identity} = shift; $self->{dk_identity_source} = shift; } sub method { croak 'method not implemented (use canonicalization instead)'; } sub protocol { my $self = shift; (@_) and $self->set_tag( 'q', shift ); # although draft-delany-domainkeys-base-06 does mandate presence of a # q=dns tag, it is quote common that q tag is missing - be merciful return !defined( $self->get_tag('q') ) ? 'dns' : lc $self->get_tag('q'); } # same as parent class # same as parent class sub timestamp { croak 'timestamp not implemented'; } sub version { croak 'version not implemented'; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::DkSignature - represents a DomainKeys-Signature header =head1 VERSION version 1.20200907 =head1 CONSTRUCTORS =head2 new() Create a new DomainKey signature from parameters my $signature = Mail::DKIM::DkSignature->new( [ Algorithm => 'rsa-sha1', ] [ Signature => $base64, ] [ Method => 'simple', ] [ Domain => 'example.org', ] [ Headers => 'from:subject:date:message-id', ] [ Query => 'dns', ] [ Selector => 'alpha', ] [ Key => $private_key, ] ); =head2 parse() Create a new signature from a DomainKey-Signature header my $sig = Mail::DKIM::DkSignature->parse( 'DomainKey-Signature: a=rsa-sha1; b=yluiJ7+0=; c=nofws' ); Constructs a signature by parsing the provided DomainKey-Signature header content. You do not have to include the header name (i.e. "DomainKey-Signature:") but it is recommended, so the header name can be preserved and returned the same way in L. Note: The input to this constructor is in the same format as the output of the as_string method. =head1 METHODS =head2 as_string() Convert the signature header as a string. print $signature->as_string . "\n"; outputs DomainKey-Signature: a=rsa-sha1; b=yluiJ7+0=; c=nofws As shown in the example, the as_string method can be used to generate the DomainKey-Signature that gets prepended to a signed message. =head2 algorithm() Get or set the algorithm (a=) field The algorithm used to generate the signature. Defaults to "rsa-sha1", an RSA-signed SHA-1 digest. =head2 canonicalization() Get or set the canonicalization (c=) field. $signature->canonicalization('nofws'); $signature->canonicalization('simple'); $method = $signature->canonicalization; Message canonicalization (default is "simple"). This informs the verifier of the type of canonicalization used to prepare the message for signing. =head2 domain() Get or set the domain (d=) field. my $d = $signature->domain; # gets the domain value $signature->domain('example.org'); # sets the domain value The domain of the signing entity, as specified in the signature. This is the domain that will be queried for the public key. =head2 headerlist() Get or set the signed header fields (h=) field. $signature->headerlist('a:b:c'); my $headerlist = $signature->headerlist; my @headers = $signature->headerlist; Signed header fields. A colon-separated list of header field names that identify the header fields presented to the signing algorithm. In scalar context, the list of header field names will be returned as a single string, with the names joined together with colons. In list context, the header field names will be returned as a list. =head2 identity() Get the signing identity. my $i = $signature->identity; In DomainKey signatures, the signing identity is the first address found in the Sender header or the From header. This field is populated by the L when processing a DomainKey signature. =head2 identity_source() Determine which header had the identity. my $source = $signature->identity_source; If the message is being verified, this method will tell you which of the message headers was used to determine the signature identity. Possible values are "header.sender" and "header.from". =head2 protocol() Get or set the query methods (q=) field. A colon-separated list of query methods used to retrieve the public key (default is "dns"). =head2 selector() Get or set the selector (s=) field. The selector subdivides the namespace for the "d=" (domain) tag. =head2 signature() Get or set the signature data (b=) field. The signature data. Whitespace is automatically stripped from the returned value. =head1 SEE ALSO L for DKIM-Signature headers =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Key.pm0000644000175000017500000000534113725344750015427 0ustar marcmarcpackage Mail::DKIM::Key; use strict; use warnings; # ABSTRACT: Represents a DKIM Key our $VERSION = '1.20200907'; # VERSION # Copyright 2006 Jason Long. All rights reserved. # # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. sub cork { my $self = shift; (@_) and $self->{'CORK'} = shift; $self->{'CORK'} or $self->convert; $self->{'CORK'}; } sub data { my $self = shift; (@_) and $self->{'DATA'} = shift; $self->{'DATA'}; } sub errorstr { my $self = shift; (@_) and $self->{'ESTR'} = shift; $self->{'ESTR'}; } sub size { my $self = shift; return $self->cork->size * 8; } sub type { my $self = shift; (@_) and $self->{'TYPE'} = shift; $self->{'TYPE'}; } sub calculate_EM { my ( $digest_algorithm, $digest, $emLen ) = @_; # this function performs DER encoding of the algorithm ID for the # hash function and the hash value itself # It has this syntax: # DigestInfo ::= SEQUENCE { # digestAlgorithm AlgorithmIdentifier, # digest OCTET STRING # } # RFC 3447, page 42, provides the following octet values: my %digest_encoding = ( 'SHA-1' => pack( 'H*', '3021300906052B0E03021A05000414' ), 'SHA-256' => pack( 'H*', '3031300d060960864801650304020105000420' ), ); defined $digest_encoding{$digest_algorithm} or die "Unsupported digest algorithm '$digest_algorithm'"; my $T = $digest_encoding{$digest_algorithm} . $digest; my $tLen = length($T); if ( $emLen < $tLen + 11 ) { die 'Intended encoded message length too short.'; } my $PS = chr(0xff) x ( $emLen - $tLen - 3 ); my $EM = chr(0) . chr(1) . $PS . chr(0) . $T; return $EM; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Key - Represents a DKIM Key =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/SignerPolicy.pm0000644000175000017500000000655313725344750017314 0ustar marcmarcpackage Mail::DKIM::SignerPolicy; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: determines signing parameters for a message # Copyright 2005-2006 Messiah College. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. # # Written by Jason Long 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::SignerPolicy - determines signing parameters for a message =head1 VERSION version 1.20200907 =head1 DESCRIPTION A "signer policy" is an object, class, or function used by L to determine what signatures to add to the current message. To take advantage of signer policies, create your own Perl class that extends the L class. The only method you need to implement is the apply() method. The apply() method takes as a parameter the L object. Using this object, it can determine some properties of the message (e.g. what the From: address or Sender: address is). Then it sets various signer properties as desired. The apply() method should return a nonzero value if the message should be signed. If a false value is returned, then the message is "skipped" (i.e. not signed). Here is an example of a policy that always returns the same values: package MySignerPolicy; use base 'Mail::DKIM::SignerPolicy'; sub apply { my $self = shift; my $signer = shift; $signer->algorithm('rsa-sha1'); $signer->method('relaxed'); $signer->domain('example.org'); $signer->selector('selector1'); $signer->key_file('private.key'); return 1; } To use this policy, simply specify the name of the class as the Policy parameter... my $dkim = Mail::DKIM::Signer->new( Policy => 'MySignerPolicy', ); =head1 ADVANCED You can also have the policy actually build the signature for the Signer to use. To do this, call the signer's add_signature() method from within your apply() callback. E.g., sub apply { my $self = shift; my $signer = shift; $signer->add_signature( new Mail::DKIM::Signature( Algorithm => $signer->algorithm, Method => $signer->method, Headers => $signer->headers, Domain => $signer->domain, Selector => $signer->selector, )); return; } Again, if you do not want any signatures, return zero or undef. If you use add_signature() to create a signature, the default signature will not be created, even if you return nonzero. =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/AuthorDomainPolicy.pm0000644000175000017500000002134313725344750020451 0ustar marcmarcpackage Mail::DKIM::AuthorDomainPolicy; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: represents an Author Domain Signing Practices (ADSP) record # Copyright 2005-2009 Messiah College. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Policy'; # base class is used for parse(), as_string() use Mail::DKIM::DNS; sub fetch { my $class = shift; my %prms = @_; my $self; my $had_error= not eval { local $SIG{__DIE__}; $self= $class->SUPER::fetch(%prms); 1 }; my $E = $@; if ( $self && !$self->is_implied_default_policy ) { return $self; } # didn't find a policy; check the domain itself { #FIXME- not good to have this code duplicated between #here and get_lookup_name() # if ( $prms{Author} && !$prms{Domain} ) { $prms{Domain} = ( $prms{Author} =~ /\@([^@]*)$/ and $1 ); } unless ( $prms{Domain} ) { die "no domain to fetch policy for\n"; } my @resp = Mail::DKIM::DNS::query( $prms{Domain}, 'MX' ); if ( !@resp && $@ eq 'NXDOMAIN' ) { return $class->nxdomain_policy; } } die $E if $had_error; return $self; } # get_lookup_name() - determine name of record to fetch # sub get_lookup_name { my $self = shift; my ($prms) = @_; # in ADSP, the record to fetch is determined based on the From header if ( $prms->{Author} && !$prms->{Domain} ) { $prms->{Domain} = ( $prms->{Author} =~ /\@([^@]*)$/ and $1 ); } unless ( $prms->{Domain} ) { die "no domain to fetch policy for\n"; } # IETF seems poised to create policy records this way return '_adsp._domainkey.' . $prms->{Domain}; } sub new { my $class = shift; return $class->parse( String => '' ); } #undocumented private class method our $DEFAULT_POLICY; sub default { my $class = shift; $DEFAULT_POLICY ||= $class->new; return $DEFAULT_POLICY; } #undocumented private class method our $NXDOMAIN_POLICY; sub nxdomain_policy { my $class = shift; if ( !$NXDOMAIN_POLICY ) { $NXDOMAIN_POLICY = $class->new; $NXDOMAIN_POLICY->policy('NXDOMAIN'); } return $NXDOMAIN_POLICY; } sub apply { my $self = shift; my ($dkim) = @_; # first_party indicates whether there is a DKIM signature with # a d= tag matching the address in the From: header my $first_party; my @passing_signatures = grep { $_->result && $_->result eq 'pass' } $dkim->signatures; foreach my $signature (@passing_signatures) { my $author_domain = $dkim->message_originator->host; if ( lc $author_domain eq lc $signature->domain ) { # found a first party signature $first_party = 1; last; } } return 'accept' if $first_party; return 'reject' if ( $self->signall_strict ); return 'neutral'; } sub is_implied_default_policy { my $self = shift; my $default_policy = ref($self)->default; return ( $self == $default_policy ); } sub location { my $self = shift; return $self->{Domain}; } sub name { return 'ADSP'; } sub policy { my $self = shift; (@_) and $self->{tags}->{dkim} = shift; if ( defined $self->{tags}->{dkim} ) { return $self->{tags}->{dkim}; } else { return 'unknown'; } } sub signall { my $self = shift; return $self->policy && ( $self->policy =~ /all/i ); } sub signall_strict { my $self = shift; return $self->policy && ( $self->policy =~ /discardable/i ); } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::AuthorDomainPolicy - represents an Author Domain Signing Practices (ADSP) record =head1 VERSION version 1.20200907 =head1 DESCRIPTION The Author Domain Signing Policies (ADSP) record can be published by any domain to help a receiver know what to do when it encounters an unsigned message claiming to originate from that domain. The record is published as a DNS TXT record at _adsp._domainkey.DOMAIN where DOMAIN is the domain of the message's "From" address. More details about this record can be found by reading the specification itself at L. =head1 CONSTRUCTORS =head2 fetch() Lookup an ADSP record in DNS. my $policy = Mail::DKIM::AuthorDomainPolicy->fetch( Protocol => 'dns', Author => 'jsmith@example.org', ); If the ADSP record is found and appears to be valid, an object containing that record's information will be constructed and returned. If the ADSP record is blank or simply does not exist, an object representing the default policy will be returned instead. (See also L.) If a DNS error occurs (e.g. SERVFAIL or time-out), this method will "die". =head2 new() Construct a default policy object. my $policy = Mail::DKIM::AuthorDomainPolicy->new; =head2 parse() Construct an ADSP record from a string. my $policy = Mail::DKIM::AuthorDomainPolicy->parse( String => 'dkim=all', Domain => 'aaa.example', ); =head1 METHODS =head2 apply() Apply the policy to the results of a DKIM verifier. my $result = $policy->apply($dkim_verifier); The caller must provide an instance of L, one which has already been fed the message being verified. Possible results are: =over =item accept The message is approved by the sender signing policy. =item reject The message is rejected by the sender signing policy. It can be considered very suspicious. =item neutral The message is neither approved nor rejected by the sender signing policy. It can be considered somewhat suspicious. =back Note: in the future, these values may become: none - no ADSP record is published pass - a passing signature is present fail - ADSP record is "all" and no passing signature is found discard - ADSP record is "discardable" and no passing signature is found nxdomain - the DNS domain does not exist temperror - transient error occurred permerror - non-transient error occurred =head2 is_implied_default_policy() Tells whether this policy implied. my $is_implied = $policy->is_implied_default_policy; If you fetch the policy for a particular domain, but that domain does not have a policy published, then the "default policy" is in effect. Use this method to detect when that happens. =head2 location() Tells where the policy was fetched from. If the policy is domain-wide, this will be domain where the policy was published. If the policy is user-specific, TBD. If nothing is published for the domain, and the default policy was returned instead, the location will be C. =head2 policy() Get or set the outbound signing policy (dkim=) tag. my $sp = $policy->policy; Outbound signing policy for the entity. Possible values are: =over =item C The default. The entity may sign some or all email. =item C All mail from the domain is expected to be signed, using a valid Author signature, but the author does not suggest discarding mail without a valid signature. =item C All mail from the domain is expected to be signed, using a valid Author signature, and the author is so confident that non-signed mail claiming to be from this domain can be automatically discarded by the recipient's mail server. =item C<"NXDOMAIN"> The domain is out of scope, i.e., the domain does not exist in the DNS. =back =head2 signall() True if policy is "all". =head2 signall_discardable() True if policy is "strict". =head1 BUGS =over =item * Section 4.3 of the specification says to perform a query on the domain itself just to see if it exists. This class is not currently doing that, i.e. it might report NXDOMAIN because _adsp._domainkey.example.org is nonexistent, but it should not be treated the same as example.org being nonexistent. =back =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/0000775000175000017500000000000013725344750017625 5ustar marcmarcMail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/nowsp.pm0000644000175000017500000000347513725344750021340 0ustar marcmarcpackage Mail::DKIM::Canonicalization::nowsp; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: nowsp canonicalization # Copyright 2005 Messiah College. All rights reserved. # Jason Long # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Canonicalization::DkimCommon'; use Carp; sub canonicalize_header { my $self = shift; croak 'wrong number of parameters' unless ( @_ == 1 ); my ($line) = @_; # remove all whitespace $line =~ s/[ \t\015\012]//g; if ( $line =~ /^([^:]+):(.*)$/ ) { # lowercase field name $line = lc($1) . ":$2"; } return $line; } sub canonicalize_body { my $self = shift; my ($multiline) = @_; $multiline =~ s/[ \t\015\012]//g; return $multiline; } sub finish_body { my $self = shift; $self->SUPER::finish_body; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::nowsp - nowsp canonicalization =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/relaxed.pm0000644000175000017500000000705513725344750021614 0ustar marcmarcpackage Mail::DKIM::Canonicalization::relaxed; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: common canonicalization # Copyright 2005 Messiah College. All rights reserved. # Jason Long # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Canonicalization::DkimCommon'; use Carp; sub init { my $self = shift; $self->SUPER::init; $self->{canonicalize_body_empty_lines} = 0; } sub canonicalize_header { my $self = shift; croak 'wrong number of parameters' unless ( @_ == 1 ); my ($line) = @_; # # step 1: convert all header field names (not the header field values) # to lower case # if ( $line =~ /^([^:]+):(.*)/s ) { # lowercase field name $line = lc($1) . ":$2"; } # # step 2: unwrap all header field continuation lines... i.e. # remove any CRLF sequences that are followed by WSP # $line =~ s/\015\012(\s)/$1/g; # # step 3: convert all sequences of one or more WSP characters to # a single SP character # $line =~ s/[ \t]+/ /g; # # step 4: delete all WSP characters at the end of the header field value # $line =~ s/ \z//s; # # step 5: delete any WSP character remaining before and after the colon # separating the header field name from the header field value # $line =~ s/^([^:\s]+)\s*:\s*/$1:/; return $line; } sub canonicalize_body { my ($self, $multiline) = @_; $multiline =~ s/\015\012\z//s; # # step 1: reduce all sequences of WSP within a line to a single # SP character # $multiline =~ s/[ \t]+/ /g; # # step 2: ignore all white space at the end of lines # $multiline =~ s/[ \t]+(?=\015\012|\z)//g; $multiline .= "\015\012"; # # step 3: ignore empty lines at the end of the message body # (i.e. do not emit empty lines until a following nonempty line # is found) # my $empty_lines = $self->{canonicalize_body_empty_lines}; if ( $multiline =~ s/^((?:\015\012)+)// ) { # count & strip leading empty lines $empty_lines += length($1) / 2; } if ( $empty_lines > 0 && length($multiline) > 0 ) { # re-insert leading white if any nonempty lines exist $multiline = ( "\015\012" x $empty_lines ) . $multiline; $empty_lines = 0; } while ( $multiline =~ /\015\012\015\012\z/ ) { # count & strip trailing empty lines chop $multiline; chop $multiline; $empty_lines++; } $self->{canonicalize_body_empty_lines} = $empty_lines; return $multiline; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::relaxed - common canonicalization =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/Base.pm0000644000175000017500000001301413725344750021032 0ustar marcmarcpackage Mail::DKIM::Canonicalization::Base; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: base class for canonicalization methods # Copyright 2005-2007 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::MessageParser'; use Carp; sub new { my $class = shift; return $class->new_object(@_); } sub init { my $self = shift; $self->SUPER::init; unless ( $self->{output} || $self->{output_fh} || $self->{output_digest} || $self->{buffer} ) { $self->{result} = ''; $self->{buffer} = \$self->{result}; } } sub output { my $self = shift; # my ($output) = @_; # optimized away for speed my $out_fh = $self->{output_fh}; if ($out_fh) { print $out_fh @_; } if ( my $digest = $self->{output_digest} ) { $digest->add(@_); } if ( my $out_obj = $self->{output} ) { $out_obj->PRINT(@_); } if ( my $buffer = $self->{buffer} ) { ${ $self->{buffer} } .= $_[0]; } # this supports Debug_Canonicalization if ( my $debug = $self->{Debug_Canonicalization} ) { if ( UNIVERSAL::isa( $debug, 'SCALAR' ) ) { $$debug .= $_[0]; } elsif ( UNIVERSAL::isa( $debug, 'GLOB' ) ) { print $debug @_; } elsif ( UNIVERSAL::isa( $debug, 'IO::Handle' ) ) { $debug->print(@_); } } } sub result { my $self = shift; return $self->{result}; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::Base - base class for canonicalization methods =head1 VERSION version 1.20200907 =head1 SYNOPSIS # canonicalization results get output to STDOUT my $method = new Mail::DKIM::Canonicalization::relaxed( output_fh => *STDOUT, Signature => $dkim_signature); # add headers $method->add_header("Subject: this is the subject\015\012"); $method->finish_header(Headers => \@all_headers); # add body $method->add_body("This is the body.\015\012"); $method->add_body("Another two lines\015\012of the body.\015\012"); $method->finish_body; # this adds the signature to the end $method->finish_message; =head1 CONSTRUCTOR Use the new() method of the desired canonicalization implementation class to construct a canonicalization object. E.g. my $method = new Mail::DKIM::Canonicalization::relaxed( output_fh => *STDOUT, Signature => $dkim_signature); The constructors accept these arguments: =over =item Signature (Required) Provide the DKIM signature being constructed (if the message is being signed), or the DKIM signature being verified (if the message is being verified). The canonicalization method either writes parameters to the signature, or reads parameters from the signature (e.g. the h= tag). =item output If specified, the canonicalized message will be passed to this object with the PRINT method. =item output_digest If specified, the canonicalized message will be added to this digest. (Uses the add() method.) =item output_fh If specified, the canonicalized message will be written to this file handle. =back If none of the output parameters are specified, then the canonicalized message is appended to an internal buffer. The contents of this buffer can be accessed using the result() method. =head1 METHODS =head2 add_body() - feeds part of the body into the canonicalization $method->add_body("This is the body.\015\012"); $method->add_body("Another two lines\015\012of the body.\015\012"); The body should be fed one or more "lines" at a time. I.e. do not feed part of a line. =head2 finish_header() - called when the header has been completely parsed $method->finish_header(Headers => \@all_headers); Formerly the canonicalization object would only get the header data through successive invocations of add_header(). However, that required the canonicalization object to store a copy of the entire header so that it could choose the order in which headers were fed to the digest object. This is inefficient use of memory, since a message with many signatures may use many canonicalization objects and each canonicalization object has its own copy of the header. The headers array is an array of one element per header field, with the headers not processed/canonicalized in any way. =head2 result() my $result = $method->result; If you did not specify an object or handle to send the output to, the result of the canonicalization is stored in the canonicalization method itself, and can be accessed using this method. =head1 SEE ALSO L =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/dk_nofws.pm0000644000175000017500000000337013725344750021776 0ustar marcmarcpackage Mail::DKIM::Canonicalization::dk_nofws; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: nofws canonicalization # Copyright 2005-2006 Messiah College. All rights reserved. # Jason Long # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Canonicalization::dk_simple'; use Carp; sub canonicalize_header { my $self = shift; my ($line) = @_; $line =~ s/[ \t\015\012]//g; return $self->SUPER::canonicalize_header( $line . "\015\012" ); } sub canonicalize_body { my $self = shift; my ($multiline) = @_; $multiline =~ s/[ \t]//g; $multiline =~ s/\015(?!\012)//g; # standalone CR $multiline =~ s/([^\015])\012/$1/g; # standalone LF return $self->SUPER::canonicalize_body($multiline); } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::dk_nofws - nofws canonicalization =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/seal.pm0000644000175000017500000001047313725344750021112 0ustar marcmarcpackage Mail::DKIM::Canonicalization::seal; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: arc seal canonicalization # Copyright 2017 FastMail Pty Ltd. All Rights Reserved. # Bron Gondwana # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. # This canonicalization is for the ARC-Seal header from # https://tools.ietf.org/html/draft-ietf-dmarc-arc-protocol-06 # Rather than having a 'h' property, it processes the headers in # a pre-defined way. # # 5.1.1.3. Deterministic (Implicit) 'h' Tag Value for ARC-Seal # # In this section, the term "scope" is used to indicate those header # fields signed by an ARC-Seal header field. A number in parentheses # indicates the instance of that field, starting at 1. The suffix "- # no-b" is used with an ARC-Seal field to indicate that its "b" field # is empty at the time the signature is computed, as described in # Section 3.5 of [RFC6376]. "AAR" refers to ARC-Authentication- # Results, "AMS" to ARC-Message-Signature, "AS" to ARC-Seal, and "ASB" # to an ARC-Seal with an empty "b" tag. # # Generally, the scope of an ARC set for a message containing "n" ARC # sets is the concatenation of the following, for x (instance number) # from 1 to n: # # o AAR(x); # # o AMS(x); # # o ASB(x) if x = n, else AS(x) # # Thus for a message with no seals (i.e., upon injection), the scope of # the first ARC set is AAR(1):AMS(1):ASB(1). The ARC set thus # generated would produce a first ARC-Seal with a "b" value. The next # ARC set would include in its signed content the prior scope, so it # would have a scope of AAR(1):AMS(1):AS(1):AAR(2):AMS(2):ASB(2). # # Note: Typically header field sets appear within the header in # descending instance order. use base 'Mail::DKIM::Canonicalization::relaxed'; use Carp; sub init { my $self = shift; $self->SUPER::init; } sub _output_indexed_header { my ( $self, $headers, $h, $i ) = @_; foreach my $hdr (@$headers) { # this ugly pattern matches header: field; field; ... i=N next unless $hdr =~ m/^$h:\s*(?:[^;]*;\s*)*i=(\d+)/i and $1 == $i; $hdr =~ s/\015\012\z//s; $self->output( $self->canonicalize_header($hdr) . "\015\012" ); return; } } sub finish_header { my $self = shift; my %args = @_; my $i = $self->{Signature}->identity(); return unless $i =~ m{^\d+$}; # don't waste time if i= is bogus my $chain = $args{Chain}; $chain = $self->{Signature}->chain() if ! defined $chain; # we include the seal for everything else # if the previous status was pass if ( $chain eq 'pass' ) { foreach my $n ( 1 .. ( $i - 1 ) ) { $self->_output_indexed_header( $args{Headers}, 'ARC-Authentication-Results', $n ); $self->_output_indexed_header( $args{Headers}, 'ARC-Message-Signature', $n ); $self->_output_indexed_header( $args{Headers}, 'ARC-Seal', $n ); } } # always include this header set $self->_output_indexed_header( $args{Headers}, 'ARC-Authentication-Results', $i ); $self->_output_indexed_header( $args{Headers}, 'ARC-Message-Signature', $i ); # we don't add ARC-Seal at our index, because that is this signature, and it's # formed with standard DKIM style, so automatically appeneded } sub add_body { # no body add } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::seal - arc seal canonicalization =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/simple.pm0000644000175000017500000000572313725344750021461 0ustar marcmarcpackage Mail::DKIM::Canonicalization::simple; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: simple canonicalization # Copyright 2005 Messiah College. All rights reserved. # Jason Long # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Canonicalization::DkimCommon'; use Carp; sub init { my $self = shift; $self->SUPER::init; $self->{canonicalize_body_empty_lines} = 0; } sub canonicalize_header { my $self = shift; croak 'wrong number of parameters' unless ( @_ == 1 ); my ($line) = @_; # # draft-allman-dkim-base-01.txt, section 3.4.1: # the "simple" header field canonicalization algorithm does not # change the header field in any way # return $line; } sub canonicalize_body { my $self = shift; my ($multiline) = @_; # # draft-allman-dkim-base-01.txt, section 3.4.3: # the "simple" body canonicalization algorithm ignores all # empty lines at the end of the message body # # # (i.e. do not emit empty lines until a following nonempty line # is found) # my $empty_lines = $self->{canonicalize_body_empty_lines}; if ( $multiline =~ s/^((?:\015\012)+)// ) { # count & strip leading empty lines $empty_lines += length($1) / 2; } if ( length($multiline) > 0 ) { $self->{canonicalize_body_started} = 1; if ( $empty_lines > 0 ) { # re-insert leading white if any nonempty lines exist $multiline = ( "\015\012" x $empty_lines ) . $multiline; $empty_lines = 0; } } while ( $multiline =~ /\015\012\015\012\z/ ) { # count & strip trailing empty lines chop $multiline; chop $multiline; $empty_lines++; } $self->{canonicalize_body_empty_lines} = $empty_lines; return $multiline; } sub finish_body { my $self = shift; $self->{canonicalize_body_started} or $self->output("\015\012"); $self->SUPER::finish_body; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::simple - simple canonicalization =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/DkimCommon.pm0000644000175000017500000001175413725344750022226 0ustar marcmarcpackage Mail::DKIM::Canonicalization::DkimCommon; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: common canonicalization # Copyright 2005-2007 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Canonicalization::Base'; use Carp; sub init { my $self = shift; $self->SUPER::init; $self->{body_count} = 0; $self->{body_truncated} = 0; # these canonicalization methods require signature to use $self->{Signature} or croak 'no signature specified'; } # similar to code in DkCommon.pm sub add_header { #Note: canonicalization of headers is performed #in finish_header() } sub finish_header { my $self = shift; my %args = @_; # Headers are canonicalized in the order specified by the h= tag. # However, in the case of multiple instances of the same header name, # the headers will be canonicalized in reverse order (i.e. "from # the bottom of the header field block to the top"). # # This is described in 5.4 of RFC4871. # Since the bottom-most headers are to get precedence, we reverse # the headers here... (now the first header matching a particular # name is the header to insert) my @mess_headers = reverse @{ $args{Headers} }; # presence of a h= tag is mandatory... unless ( defined $self->{Signature}->headerlist ) { die "Error: h= tag is required for this canonicalization\n"; } # iterate through the header field names specified in the signature my @sig_headers = $self->{Signature}->headerlist; foreach my $hdr_name (@sig_headers) { $hdr_name = lc $hdr_name; # find the specified header in the message inner_loop: for ( my $i = 0 ; $i < @mess_headers ; $i++ ) { my $hdr = $mess_headers[$i]; if ( $hdr =~ /^([^\s:]+)\s*:/ ) { my $key = lc $1; if ( $key eq $hdr_name ) { # found it # remove it from our list, so if it occurs more than # once, we'll get the next header in line splice @mess_headers, $i, 1; $hdr =~ s/\015\012\z//s; $self->output( $self->canonicalize_header($hdr) . "\015\012" ); last inner_loop; } } } } } sub add_body { my $self = shift; my ($multiline) = @_; $multiline = $self->canonicalize_body($multiline); if ( $self->{Signature} ) { if ( my $limit = $self->{Signature}->body_count ) { my $remaining = $limit - $self->{body_count}; if ( length($multiline) > $remaining ) { $self->{body_truncated} += length($multiline) - $remaining; $multiline = substr( $multiline, 0, $remaining ); } } } $self->{body_count} += length($multiline); $self->output($multiline); } sub finish_body { } sub finish_message { my $self = shift; if ( $self->{Signature} ) { $self->output("\015\012"); # append the DKIM-Signature (without data) my $line = $self->{Signature}->as_string_without_data; # signature is subject to same canonicalization as headers $self->output( $self->canonicalize_header($line) ); } } sub body_count { my $self = shift; return $self->{body_count}; } sub body_truncated { my $self = shift; return $self->{body_truncated}; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::DkimCommon - common canonicalization =head1 VERSION version 1.20200907 =head1 DESCRIPTION This class implements functionality that is common to all the currently-defined DKIM canonicalization methods, but not necessarily common with future canonicalization methods. For functionality that is common to all canonicalization methods (including future methods), see Mail::DKIM::Canonicalization::Base. =head1 NAME Mail::DKIM::Canonicalization::DkimCommon - common canonicalization methods =head1 SEE ALSO Mail::DKIM::Canonicalization::Base =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/dk_simple.pm0000644000175000017500000000470113725344750022132 0ustar marcmarcpackage Mail::DKIM::Canonicalization::dk_simple; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: dk simple canonicalization # Copyright 2005 Messiah College. All rights reserved. # Jason Long # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Canonicalization::DkCommon'; use Carp; sub init { my $self = shift; $self->SUPER::init; $self->{canonicalize_body_empty_lines} = 0; } sub canonicalize_header { my $self = shift; croak 'wrong number of parameters' unless ( @_ == 1 ); my ($line) = @_; return $line; } sub canonicalize_body { my $self = shift; my ($multiline) = @_; # ignore empty lines at the end of the message body # # (i.e. do not emit empty lines until a following nonempty line # is found) # my $empty_lines = $self->{canonicalize_body_empty_lines}; if ( $multiline =~ s/^((?:\015\012)+)// ) { # count & strip leading empty lines $empty_lines += length($1) / 2; } if ( $empty_lines > 0 && length($multiline) > 0 ) { # re-insert leading white if any nonempty lines exist $multiline = ( "\015\012" x $empty_lines ) . $multiline; $empty_lines = 0; } while ( $multiline =~ /\015\012\015\012\z/ ) { # count & strip trailing empty lines chop $multiline; chop $multiline; $empty_lines++; } $self->{canonicalize_body_empty_lines} = $empty_lines; return $multiline; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::dk_simple - dk simple canonicalization =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Canonicalization/DkCommon.pm0000644000175000017500000001245413725344750021676 0ustar marcmarcpackage Mail::DKIM::Canonicalization::DkCommon; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: dk common canonicalization # Copyright 2005-2006 Messiah College. All rights reserved. # Jason Long # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Canonicalization::Base'; use Carp; sub init { my $self = shift; $self->SUPER::init; $self->{header_count} = 0; } # similar to code in DkimCommon.pm sub add_header { #Note: canonicalization of headers is performed #in finish_header() my $self = shift; $self->{header_count}++; } sub finish_header { my $self = shift; my %args = @_; # RFC4870, 3.3: # h = A colon-separated list of header field names that identify the # headers presented to the signing algorithm. If present, the # value MUST contain the complete list of headers in the order # presented to the signing algorithm. # # In the presence of duplicate headers, a signer may include # duplicate entries in the list of headers in this tag. If a # header is included in this list, a verifier must include all # occurrences of that header, subsequent to the "DomainKey- # Signature:" header in the verification. # # RFC4870, 3.4.2.1: # * Each line of the email is presented to the signing algorithm in # the order it occurs in the complete email, from the first line of # the headers to the last line of the body. # * If the "h" tag is used, only those header lines (and their # continuation lines if any) added to the "h" tag list are included. # only consider headers AFTER my signature my @sig_headers; { my $s0 = @{ $args{Headers} } - $self->{header_count}; my $s1 = @{ $args{Headers} } - 1; @sig_headers = ( @{ $args{Headers} } )[ $s0 .. $s1 ]; } # check if signature specifies a list of headers my @sig_header_names = $self->{Signature}->headerlist; if (@sig_header_names) { # - first, group all header fields with the same name together # (using a hash of arrays) my %heads; foreach my $line (@sig_headers) { next unless $line =~ /^([^\s:]+)\s*:/; my $field_name = lc $1; $heads{$field_name} ||= []; push @{ $heads{$field_name} }, $line; } # - second, count how many times each header field name appears # in the h= tag my %counts; foreach my $field_name (@sig_header_names) { $heads{ lc $field_name } ||= []; $counts{ lc $field_name }++; } # - finally, working backwards through the h= tag, # collect the headers we will be signing (last to first). # Normally, one occurrence of a name in the h= tag # correlates to one occurrence of that header being presented # to canonicalization, but if (working backwards) we are # at the first occurrence of that name, and there are # multiple headers of that name, then put them all in. # @sig_headers = (); while ( my $field_name = pop @sig_header_names ) { $counts{ lc $field_name }--; if ( $counts{ lc $field_name } > 0 ) { # this field is named more than once in the h= tag, # so only take the last occuring of that header my $line = pop @{ $heads{ lc $field_name } }; unshift @sig_headers, $line if defined $line; } else { unshift @sig_headers, @{ $heads{ lc $field_name } }; $heads{ lc $field_name } = []; } } } # iterate through each header, in the order determined above foreach my $line (@sig_headers) { if ( $line =~ /^(from|sender)\s*:(.*)$/i ) { my $field = $1; my $content = $2; $self->{interesting_header}->{ lc $field } = $content; } $line =~ s/\015\012\z//s; $self->output( $self->canonicalize_header( $line . "\015\012" ) ); } $self->output( $self->canonicalize_body("\015\012") ); } sub add_body { my $self = shift; my ($multiline) = @_; $self->output( $self->canonicalize_body($multiline) ); } sub finish_body { } sub finish_message { } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Canonicalization::DkCommon - dk common canonicalization =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Policy.pm0000644000175000017500000001546213725344750016143 0ustar marcmarcpackage Mail::DKIM::Policy; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: abstract base class for originator "signing" policies # Copyright 2005-2007 Messiah College. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::DKIM::DNS; sub fetch { my $class = shift; my $waiter = $class->fetch_async(@_); return $waiter->(); } sub fetch_async { my $class = shift; my %prms = @_; ( $prms{'Protocol'} eq 'dns' ) or die "invalid protocol '$prms{Protocol}'\n"; my $host = $class->get_lookup_name( \%prms ); my %callbacks = %{ $prms{Callbacks} || {} }; my $on_success = $callbacks{Success} || sub { $_[0] }; $callbacks{Success} = sub { my @resp = @_; unless (@resp) { # no requested resource records or NXDOMAIN, # use default policy return $on_success->( $class->default ); } my $strn; foreach my $rr (@resp) { next unless $rr->type eq 'TXT'; # join with no intervening spaces, RFC 5617 if ( Net::DNS->VERSION >= 0.69 ) { # must call txtdata() in a list context $strn = join '', $rr->txtdata; } else { # char_str_list method is 'historical' $strn = join '', $rr->char_str_list; } } unless ($strn) { # empty record found in DNS, use default policy return $on_success->( $class->default ); } my $self = $class->parse( String => $strn, Domain => $prms{Domain}, ); return $on_success->($self); }; # # perform DNS query for domain policy... # my $waiter = Mail::DKIM::DNS::query_async( $host, 'TXT', Callbacks => \%callbacks, ); return $waiter; } sub parse { my $class = shift; my %prms = @_; my $text = $prms{'String'}; my %tags; foreach my $tag ( split /;/, $text ) { # strip whitespace $tag =~ s/^\s+|\s+$//g; my ( $tagname, $value ) = split /=/, $tag, 2; unless ( defined $value ) { die "policy syntax error\n"; } $tagname =~ s/\s+$//; $value =~ s/^\s+//; $tags{$tagname} = $value; } $prms{tags} = \%tags; return bless \%prms, $class; } sub apply { my $self = shift; my ($dkim) = @_; my $first_party; foreach my $signature ( $dkim->signatures ) { next if $signature->result ne 'pass'; my $oa = $dkim->message_sender->address; if ( $signature->identity_matches($oa) ) { # found a first party signature $first_party = 1; last; } } return 'accept' if $first_party; return 'reject' if ( $self->signall && !$self->testing ); return 'neutral'; } sub as_string { my $self = shift; return join( '; ', map { "$_=" . $self->{tags}->{$_} } keys %{ $self->{tags} } ); } sub is_implied_default_policy { my $self = shift; my $default_policy = ref($self)->default; return ( $self == $default_policy ); } sub location { my $self = shift; return $self->{Domain}; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Policy - abstract base class for originator "signing" policies =head1 VERSION version 1.20200907 =head1 SYNOPSIS # get all policies that apply to a verified message foreach my $policy ($dkim->policies) { # the name of this policy my $name = $policy->name; # the location in DNS where this policy was found my $location = $policy->location; # apply this policy to the message being verified my $result = $policy->apply($dkim); } =head1 DESCRIPTION Between the various versions of the DomainKeys/DKIM standards, several different forms of sender "signing" policies have been defined. In order for the L library to support these different policies, it uses several different subclasses. All subclasses support this general interface, so that a program using L can support any and all policies found for a message. =head1 METHODS These methods are supported by all classes implementing the L interface. =head2 apply() Apply the policy to the results of a DKIM verifier. my $result = $policy->apply($dkim_verifier); The caller must provide an instance of L, one which has already been fed the message being verified. Possible results are: =over =item accept The message is approved by the sender signing policy. =item reject The message is rejected by the sender signing policy. =item neutral The message is neither approved nor rejected by the sender signing policy. It can be considered suspicious. =back =head2 as_string() The policy as a string. Note that the string returned by this method will not necessarily have the tags ordered the same as the text record found in DNS. =head2 is_implied_default_policy() Is this policy implied? my $is_implied = $policy->is_implied_default_policy; If you fetch the policy for a particular domain, but that domain does not have a policy published, then the "default policy" is in effect. Use this method to detect when that happens. =head2 location() Where the policy was fetched from. This is generally a domain name, the domain name where the policy was published. If nothing is published for the domain, and the default policy was returned instead, the location will be C. =head2 name() Identify what type of policy this is. This currently returns strings like "sender", "author", and "ADSP". It is subject to change in the next version of Mail::DKIM. =head1 SEE ALSO L - for RFC4870(historical) DomainKeys sender signing policies L - for early draft DKIM sender signing policies L - for Author Domain Signing Practices (ADSP) =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/PublicKey.pm0000644000175000017500000003111613725344750016565 0ustar marcmarcpackage Mail::DKIM::PublicKey; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: Represents a DKIM key # Copyright 2005 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base ( 'Mail::DKIM::KeyValueList', 'Mail::DKIM::Key' ); *calculate_EM = \&Mail::DKIM::Key::calculate_EM; use Mail::DKIM::DNS; sub new { my $type = shift; my %prms = @_; my $self = {}; $self->{'GRAN'} = $prms{'Granularity'}; $self->{'NOTE'} = $prms{'Note'}; $self->{'TEST'} = $prms{'Testing'}; $self->{'TYPE'} = ( $prms{'Type'} or 'rsa' ); $self->{'DATA'} = $prms{'Data'}; bless $self, $type; } sub fetch { my $class = shift; my $waiter = $class->fetch_async(@_); my $self = $waiter->(); return $self; } # fetch_async() - asynchronously tries fetching a specific public key # using a specific protocol. # # Usage: # my $fut = Mail::DKIM::PublicKey->fetch_async( # Protocol => 'dns/txt', # Selector => 'selector1', # Domain => 'example.org', # Callbacks => { ... }, #optional # ); # # # some later time # my $pubkey = $fut->(); # blocks until the public key is returned # sub fetch_async { my $class = shift; my %prms = @_; defined( $prms{Protocol} ) && $prms{Protocol} =~ m{^dns(/txt)?$}s or die "invalid/missing Protocol\n"; defined( $prms{Selector} ) && length( $prms{Selector} ) or die "invalid/missing Selector\n"; defined( $prms{Domain} ) && length( $prms{Domain} ) or die "invalid/missing Domain\n"; my %callbacks = %{ $prms{Callbacks} || {} }; my $on_success = $callbacks{Success} || sub { $_[0] }; $callbacks{Success} = sub { my @resp = @_; unless (@resp) { # no requested resource records or NXDOMAIN, return $on_success->(); } my $strn; foreach my $rr (@resp) { next unless $rr->type eq 'TXT'; # join with no intervening spaces, RFC 6376 if ( Net::DNS->VERSION >= 0.69 ) { # must call txtdata() in a list context $strn = join '', $rr->txtdata; } else { # char_str_list method is 'historical' $strn = join '', $rr->char_str_list; } last; } $strn or return $on_success->(); my $self = $class->parse($strn); $self->{Selector} = $prms{'Selector'}; $self->{Domain} = $prms{'Domain'}; $self->check; return $on_success->($self); }; # # perform DNS query for public key... # my $host = $prms{Selector} . '._domainkey.' . $prms{Domain}; my $waiter = Mail::DKIM::DNS::query_async( $host, 'TXT', Callbacks => \%callbacks, ); return $waiter; } # check syntax of the public key # throw an error if any errors are detected sub check { my $self = shift; # check public key version tag if ( my $v = $self->get_tag('v') ) { unless ( $v eq 'DKIM1' ) { die "unsupported version\n"; } } # check public key granularity my $g = $self->granularity; # check key type if ( my $k = $self->get_tag('k') ) { unless ( $k eq 'rsa' ) { die "unsupported key type\n"; } } # check public-key data my $p = $self->data; if ( not defined $p ) { die "missing p= tag\n"; } if ( $p eq '' ) { die "revoked\n"; } unless ( $p =~ /^[A-Za-z0-9\+\/\=]+$/ ) { die "invalid data\n"; } # have OpenSSL load the key eval { local $SIG{__DIE__}; $self->cork; 1 } || do { # see also finish_body chomp( my $E = $@ ); if ( $E =~ /(OpenSSL error: .*?) at / ) { $E = "$1"; } elsif ( $E =~ /^(panic:.*?) at / ) { $E = "OpenSSL $1"; } die "$E\n"; }; # check service type if ( my $s = $self->get_tag('s') ) { my @list = split( /:/, $s ); unless ( grep { $_ eq '*' || $_ eq 'email' } @list ) { die "does not support email\n"; } } return 1; } # check_granularity() - check whether this key matches signature identity # # a public key record can restrict what identities it may sign with, # g=, granularity, restricts the local part of the identity # t=s, restricts whether subdomains can be used # # This method returns true if the given identity is allowed by this # public key; it returns false otherwise. # If false is returned, you can check C<$@> for an explanation of # why. # sub check_granularity { my $self = shift; my ( $identity, $empty_g_means_wildcard ) = @_; # check granularity my $g = $self->granularity; # yuck- what is this $empty_g_means_wildcard parameter? # well, it turns out that with DomainKeys signatures, # an empty g= is the same as g=* if ( $g eq '' && $empty_g_means_wildcard ) { $g = '*'; } # split i= value into a "local part" and a "domain part" my ( $local_part, $domain_part ); if ( $identity =~ /^(.*)\@([^@]*)$/ ) { $local_part = $1; $domain_part = $2; } else { $local_part = ''; $domain_part = $identity; } my ( $begins, $ends ) = split /\*/, $g, 2; if ( defined $ends ) { # the g= tag contains an asterisk # the local part must be at least as long as the pattern if ( length($local_part) < length($begins) + length($ends) or # the local part must begin with $begins substr( $local_part, 0, length($begins) ) ne $begins or # the local part must end with $ends ( length($ends) && substr( $local_part, -length($ends) ) ne $ends ) ) { $@ = "granularity mismatch\n"; return; } } else { if ( $g eq '' ) { $@ = "granularity is empty\n"; return; } unless ( $local_part eq $begins ) { $@ = "granularity mismatch\n"; return; } } # check subdomains if ( $self->subdomain_flag ) { unless ( lc( $domain_part ) eq lc( $self->{'Domain'} ) ) { $@ = "does not support signing subdomains\n"; return; } } return 1; } # returns true if the actual hash algorithm used is listed by this # public key; dies otherwise # sub check_hash_algorithm { my $self = shift; my ($hash_algorithm) = @_; # check hash algorithm if ( my $h = $self->get_tag('h') ) { my @list = split( /:/, $h ); unless ( grep { $_ eq $hash_algorithm } @list ) { die "does not support hash algorithm '$hash_algorithm'\n"; } } return 1; } # Create an OpenSSL public key object from the Base64-encoded data # found in this public key's DNS record. The OpenSSL object is saved # in the "cork" property. sub convert { use Crypt::OpenSSL::RSA; my $self = shift; $self->data or return; # have to PKCS1ify the pubkey because openssl is too finicky... my $cert = "-----BEGIN PUBLIC KEY-----\n"; for ( my $i = 0 ; $i < length $self->data ; $i += 64 ) { $cert .= substr $self->data, $i, 64; $cert .= "\n"; } $cert .= "-----END PUBLIC KEY-----\n"; my $cork = Crypt::OpenSSL::RSA->new_public_key($cert) or die 'unable to generate public key object'; # segfaults on my machine # $cork->check_key or # return; $self->cork($cork); return 1; } sub verify { my $self = shift; my %prms = @_; my $rtrn; eval { local $SIG{__DIE__}; $rtrn = $self->cork->verify( $prms{'Text'}, $prms{'Signature'} ); 1 } || do { $self->errorstr($@); return; }; return $rtrn; } sub granularity { my $self = shift; # set new granularity if provided (@_) and $self->set_tag( 'g', shift ); my $g = $self->get_tag('g'); if ( defined $g ) { return $g; } else { return '*'; } } sub notes { my $self = shift; (@_) and $self->set_tag( 'n', shift ); return $self->get_tag('n'); } sub data { my $self = shift; (@_) and $self->set_tag( 'p', shift ); my $p = $self->get_tag('p'); # remove whitespace (actually only LWSP is allowed) and double quote (long string delimiter) $p =~ tr/\015\012 \t"//d if defined $p; return $p; } sub flags { my $self = shift; (@_) and $self->set_tag( 't', shift ); return $self->get_tag('t') || ''; } # subdomain_flag() - checks whether "s" is specified in flags # # returns true if "s" is found, false otherwise # sub subdomain_flag { my $self = shift; my @flags = split /:/, $self->flags; return grep { $_ eq 's' } @flags; } sub revoked { my $self = shift; $self->data or return 1; return; } sub testing { my $self = shift; my $flags = $self->flags; my @flaglist = split( /:/, $flags ); if ( grep { $_ eq 'y' } @flaglist ) { return 1; } return undef; } sub verify_sha1_digest { my $self = shift; my ( $digest, $signature ) = @_; return $self->verify_digest( 'SHA-1', $digest, $signature ); } # verify_digest() - returns true if the digest verifies, false otherwise # # if false, $@ is set to a description of the problem # sub verify_digest { my $self = shift; my ( $digest_algorithm, $digest, $signature ) = @_; my $rsa_pub = $self->cork; if ( !$rsa_pub ) { $@ = $@ ne '' ? "RSA failed: $@" : 'RSA unknown problem'; $@ .= ", s=$self->{Selector} d=$self->{Domain}"; return; } $rsa_pub->use_no_padding; my $verify_result = $rsa_pub->encrypt($signature); my $k = $rsa_pub->size; my $expected = calculate_EM( $digest_algorithm, $digest, $k ); return 1 if ( $verify_result eq $expected ); # well, the RSA verification failed; I wonder if the RSA signing # was performed on a different digest value? I think we can check... # basically, if the $verify_result has the same prefix as $expected, # then only the digest was different my $digest_len = length $digest; my $prefix_len = length($expected) - $digest_len; if ( substr( $verify_result, 0, $prefix_len ) eq substr( $expected, 0, $prefix_len ) ) { $@ = 'message has been altered'; return; } $@ = 'bad RSA signature'; return; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::PublicKey - Represents a DKIM key =head1 VERSION version 1.20200907 =head1 CONSTRUCTOR =head2 fetch() - retrieve a public key record from DNS my $public_key = Mail::DKIM::PublicKey->fetch( Protocol => 'dns', Selector => 'brisbane', Domain => 'example.com', ); If the public key is found, a L object is returned, representing the information found in DNS. If the public key does not exist in DNS, then C is returned. If a DNS error occurs while fetching the key, then this method will C. If the public key was found, but is not valid (e.g. it is "revoked"), then this method will C. =head1 METHODS =head2 granularity() - get or set the granularity (g=) field my $g = $public_key->granularity; $public_key->granularity('*'); Granularity of the key. The value must match the Local-part of the effective "i=" tag of the DKIM-Signature header field. The granularity is a literal value, or a pattern with a single '*' wildcard character that matches zero or more characters. If no granularity is defined, then the default value, '*', will be returned. =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Verifier.pm0000644000175000017500000006107313725344750016456 0ustar marcmarcpackage Mail::DKIM::Verifier; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: verifies a DKIM-signed message # Copyright 2005-2009 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::DKIM::Signature; use Mail::DKIM::DkSignature; use Mail::Address; use base 'Mail::DKIM::Common'; use Carp; our $MAX_SIGNATURES_TO_PROCESS = 50; sub init { my $self = shift; $self->SUPER::init; $self->{signatures} = []; } # @{$dkim->{signatures}} # array of L objects, representing all # parseable signatures found in the header, # ordered from the top of the header to the bottom. # # $dkim->{signature_reject_reason} # simple string listing a reason, if any, for not using a signature. # This may be a helpful diagnostic if there is a signature in the header, # but was found not to be valid. It will be ambiguous if there are more # than one signatures that could not be used. # # $dkim->{signature} # the L selected as the "best" signature. # # @{$dkim->{headers}} # array of strings, each member is one header, in its original format. # # $dkim->{algorithms} # array of algorithms, one for each signature being verified. # # $dkim->{result} # string; the result of the verification (see the result() method) # sub handle_header { my $self = shift; my ( $field_name, $contents, $line ) = @_; $self->SUPER::handle_header( $field_name, $contents ); if ( lc($field_name) eq 'dkim-signature' ) { eval { local $SIG{__DIE__}; my $signature = Mail::DKIM::Signature->parse($line); $self->add_signature($signature); 1 } || do { # the only reason an error should be thrown is if the # signature really is unparse-able # otherwise, invalid signatures are caught in finish_header() chomp( my $E = $@ ); $self->{signature_reject_reason} = $E; }; } if ( lc($field_name) eq 'domainkey-signature' ) { eval { local $SIG{__DIE__}; my $signature = Mail::DKIM::DkSignature->parse($line); $self->add_signature($signature); 1 } || do { # the only reason an error should be thrown is if the # signature really is unparse-able # otherwise, invalid signatures are caught in finish_header() chomp( my $E = $@ ); $self->{signature_reject_reason} = $E; }; } } sub add_signature { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($signature) = @_; # ignore signature headers once we've seen 50 or so # this protects against abuse. return if ( @{ $self->{signatures} } > $MAX_SIGNATURES_TO_PROCESS ); push @{ $self->{signatures} }, $signature; unless ( $self->check_signature($signature) ) { $signature->result( 'invalid', $self->{signature_reject_reason} ); return; } # signature looks ok, go ahead and query for the public key $signature->fetch_public_key; # create a canonicalization filter and algorithm my $algorithm_class = $signature->get_algorithm_class( $signature->algorithm ); my $algorithm = $algorithm_class->new( Signature => $signature, Debug_Canonicalization => $self->{Debug_Canonicalization}, ); # push through the headers parsed prior to the signature header if ( $algorithm->wants_pre_signature_headers ) { # Note: this will include the signature header that led to this # "algorithm"... foreach my $head ( @{ $self->{headers} } ) { $algorithm->add_header($head); } } # save the algorithm $self->{algorithms} ||= []; push @{ $self->{algorithms} }, $algorithm; } sub check_signature { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($signature) = @_; unless ( $signature->check_version ) { # unsupported version if ( defined $signature->version ) { $self->{signature_reject_reason} = 'unsupported version ' . $signature->version; } else { $self->{signature_reject_reason} = 'missing v tag'; } return 0; } unless ( $signature->algorithm && $signature->get_algorithm_class( $signature->algorithm ) ) { # unsupported algorithm $self->{signature_reject_reason} = 'unsupported algorithm'; if ( defined $signature->algorithm ) { $self->{signature_reject_reason} .= ' ' . $signature->algorithm; } return 0; } if ( $self->{Strict} ) { if ( $signature->algorithm eq 'rsa-sha1' ) { $self->{signature_reject_reason} = 'unsupported algorithm'; if ( defined $signature->algorithm ) { $self->{signature_reject_reason} .= ' ' . $signature->algorithm; } return 0; } } unless ( $signature->check_canonicalization ) { # unsupported canonicalization method $self->{signature_reject_reason} = 'unsupported canonicalization'; if ( defined $signature->canonicalization ) { $self->{signature_reject_reason} .= ' ' . $signature->canonicalization; } return 0; } unless ( $signature->check_protocol ) { # unsupported query protocol $self->{signature_reject_reason} = !defined( $signature->protocol ) ? 'missing q tag' : 'unsupported query protocol, q=' . $signature->protocol; return 0; } unless ( $signature->check_expiration ) { # signature has expired $self->{signature_reject_reason} = 'signature is expired'; return 0; } unless ( defined $signature->domain ) { # no domain specified $self->{signature_reject_reason} = 'missing d tag'; return 0; } if ( $signature->domain eq '' ) { # blank domain $self->{signature_reject_reason} = 'invalid domain in d tag'; return 0; } unless ( defined $signature->selector ) { # no selector specified $self->{signature_reject_reason} = 'missing s tag'; return 0; } return 1; } sub check_public_key { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 2 ); my ( $signature, $public_key ) = @_; my $result = 0; eval { local $SIG{__DIE__}; $@ = undef; # HACK- I'm indecisive here about whether I want the # check_foo functions to return false or to "die" # on failure # check public key's allowed hash algorithms $result = $public_key->check_hash_algorithm( $signature->hash_algorithm ); # HACK- DomainKeys signatures are allowed to have an empty g= # tag in the public key my $empty_g_means_wildcard = $signature->isa('Mail::DKIM::DkSignature'); # check public key's granularity $result &&= $public_key->check_granularity( $signature->identity, $empty_g_means_wildcard ); die $@ if $@; 1 } || do { my $E = $@; chomp $E; $self->{signature_reject_reason} = "public key: $E"; }; return $result; } # returns true if the i= tag is an address with a domain matching or # a subdomain of the d= tag # sub check_signature_identity { my ($signature) = @_; my $d = $signature->domain; my $i = $signature->identity; if ( defined($i) && $i =~ /\@([^@]*)$/ ) { return match_subdomain( $1, $d ); } return 0; } sub match_subdomain { croak 'wrong number of arguments' unless ( @_ == 2 ); my ( $subdomain, $superdomain ) = @_; my $tmp = substr( ".$subdomain", -1 - length($superdomain) ); return ( lc ".$superdomain" eq lc $tmp ); } # # called when the verifier has received the last of the message headers # (body is still to come) # sub finish_header { my $self = shift; # Signatures we found and were successfully parsed are stored in # $self->{signatures}. If none were found, our result is "none". if ( @{ $self->{signatures} } == 0 && !defined( $self->{signature_reject_reason} ) ) { $self->{result} = 'none'; return; } foreach my $algorithm ( @{ $self->{algorithms} } ) { $algorithm->finish_header( Headers => $self->{headers} ); } # stop processing signatures that are already known to be invalid @{ $self->{algorithms} } = grep { my $sig = $_->signature; !( $sig->result && $sig->result eq 'invalid' ); } @{ $self->{algorithms} }; if ( @{ $self->{algorithms} } == 0 && @{ $self->{signatures} } > 0 ) { $self->{result} = $self->{signatures}->[0]->result || 'invalid'; $self->{details} = $self->{signatures}->[0]->{verify_details} || $self->{signature_reject_reason}; return; } } sub _check_and_verify_signature { my $self = shift; my ($algorithm) = @_; # check signature my $signature = $algorithm->signature; unless ( check_signature_identity($signature) ) { $self->{signature_reject_reason} = 'bad identity'; return ( 'invalid', $self->{signature_reject_reason} ); } # get public key my $pkey; eval { $pkey = $signature->get_public_key; 1 } || do { my $E = $@; chomp $E; $self->{signature_reject_reason} = "public key: $E"; return ( 'invalid', $self->{signature_reject_reason} ); }; unless ( $self->check_public_key( $signature, $pkey ) ) { return ( 'invalid', $self->{signature_reject_reason} ); } # make sure key is big enough my $keysize = $pkey->cork->size * 8; # in bits if ( $keysize < 1024 && $self->{Strict} ) { $self->{signature_reject_reason} = "Key length $keysize too short"; return ( 'fail', $self->{signature_reject_reason} ); } # verify signature my $result; my $details; local $@ = undef; eval { $result = $algorithm->verify() ? 'pass' : 'fail'; $details = $algorithm->{verification_details} || $@; 1 } || do { # see also add_signature chomp( my $E = $@ ); if ( $E =~ /(OpenSSL error: .*?) at / ) { $E = $1; } elsif ( $E =~ /^(panic:.*?) at / ) { $E = "OpenSSL $1"; } $result = 'fail'; $details = $E; }; return ( $result, $details ); } sub finish_body { my $self = shift; foreach my $algorithm ( @{ $self->{algorithms} } ) { # finish canonicalizing $algorithm->finish_body; my ( $result, $details ) = $self->_check_and_verify_signature($algorithm); # save the results of this signature verification $algorithm->{result} = $result; $algorithm->{details} = $details; $algorithm->signature->result( $result, $details ); # collate results ... ignore failed signatures if we already got # one to pass if ( !$self->{result} || $result eq 'pass' ) { $self->{signature} = $algorithm->signature; $self->{result} = $result; $self->{details} = $details; } } } sub fetch_author_domain_policies { my $self = shift; use Mail::DKIM::AuthorDomainPolicy; return () unless $self->{headers_by_name}->{from}; my @list = Mail::Address->parse( $self->{headers_by_name}->{from} ); my @authors = map { $_->address } @list; # fetch the policies return map { Mail::DKIM::AuthorDomainPolicy->fetch( Protocol => 'dns', Author => $_, ) } @authors; } sub fetch_author_policy { my $self = shift; my ($author) = @_; use Mail::DKIM::DkimPolicy; # determine address found in the "From" $author ||= $self->message_originator->address; # fetch the policy return Mail::DKIM::DkimPolicy->fetch( Protocol => 'dns', Author => $author, ); } sub fetch_sender_policy { my $self = shift; use Mail::DKIM::DkPolicy; # determine addresses found in the "From" and "Sender" headers my $author = $self->message_originator->address; my $sender = $self->message_sender->address; # fetch the policy return Mail::DKIM::DkPolicy->fetch( Protocol => 'dns', Author => $author, Sender => $sender, ); } sub policies { my $self = shift; my $sender_policy = eval { $self->fetch_sender_policy() }; my $author_policy = eval { $self->fetch_author_policy() }; return ( $sender_policy ? $sender_policy : (), $author_policy ? $author_policy : (), $self->fetch_author_domain_policies(), ); } sub signatures { my $self = shift; croak 'unexpected argument' if @_; return @{ $self->{signatures} }; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Verifier - verifies a DKIM-signed message =head1 VERSION version 1.20200907 =head1 SYNOPSIS use Mail::DKIM::Verifier; # create a verifier object my $dkim = Mail::DKIM::Verifier->new(); # read an email from a file handle $dkim->load(*STDIN); # or read an email and pass it into the verifier, incrementally while () { # remove local line terminators chomp; s/\015$//; # use SMTP line terminators $dkim->PRINT("$_\015\012"); } $dkim->CLOSE; # what is the result of the verify? my $result = $dkim->result; # there might be multiple signatures, what is the result per signature? foreach my $signature ($dkim->signatures) { print 'signature identity: ' . $signature->identity . "\n"; print 'verify result: ' . $signature->result_detail . "\n"; } # the alleged author of the email may specify how to handle email foreach my $policy ($dkim->policies) { die 'fraudulent message' if ($policy->apply($dkim) eq 'reject'); } =head1 DESCRIPTION The verifier object allows an email message to be scanned for DKIM and DomainKeys signatures and those signatures to be verified. The verifier tracks the state of the message as it is read into memory. When the message has been completely read, the signatures are verified and the results of the verification can be accessed. To use the verifier, first create the verifier object. Then start "feeding" it the email message to be verified. When all the _headers_ have been read, the verifier: 1. checks whether any DomainKeys/DKIM signatures were found 2. queries for the public keys needed to verify the signatures 3. sets up the appropriate algorithms and canonicalization objects 4. canonicalizes the headers and computes the header hash Then, when the _body_ of the message has been completely fed into the verifier, the body hash is computed and the signatures are verified. The results of the verification can be checked with L or L. Messages that do not verify may be checked against the alleged sender's published signing policy with L and L. =head1 CONSTRUCTOR =head2 new() Constructs an object-oriented verifier. my $dkim = Mail::DKIM::Verifier->new(); my $dkim = Mail::DKIM::Verifier->new(%options); The only options supported at this time are: =over =item Debug_Canonicalization if specified, the canonicalized message for the first signature is written to the referenced string or file handle. =item Strict If true, rejects sha1 hashes and signing keys shorter than 1024 bits. =back =head1 METHODS =head2 PRINT() Feeds part of the message to the verifier. $dkim->PRINT("a line of the message\015\012"); $dkim->PRINT('more of'); $dkim->PRINT(" the message\015\012bye\015\012"); Feeds content of the message being verified into the verifier. The API is designed this way so that the entire message does NOT need to be read into memory at once. Please note that although the PRINT() method expects you to use SMTP-style line termination characters, you should NOT use the SMTP-style dot-stuffing technique described in RFC 2821 section 4.5.2. Nor should you use a . sequence to terminate the message. =head2 CLOSE() Call this when finished feeding in the message. $dkim->CLOSE; This method finishes the canonicalization process, computes a hash, and verifies the signature. =head2 fetch_author_domain_policies() Retrieves ADSP records from DNS. my @policies = $dkim->fetch_author_domain_policies; foreach my $policy (@policies) { my $policy_result = $policy->apply($dkim); } This method will retrieve all applicable "author-domain-signing-practices" published in DNS for this message. Author policies are keyed to the email address(es) in the From: header, i.e. the claimed author of the message. This method returns a *list* of policy records, since there is allowed to be zero or multiple email addresses in the From: header. The result of the apply() method is one of: "accept", "reject", "neutral". See also: L. =head2 fetch_author_policy() Retrieves a signing policy from DNS. my $policy = $dkim->fetch_author_policy; my $policy_result = $policy->apply($dkim); This method retrieves the DKIM Sender Signing Practices record as described in Internet Draft draft-ietf-dkim-ssp-00-01dc. This Internet Draft is now obsolete; this method is only kept for backward-compatibility purposes. Please use the L method instead. =head2 fetch_sender_policy() Retrieves a signing policy from DNS. my $policy = $dkim->fetch_sender_policy; my $policy_result = $policy->apply($dkim); The "sender" policy is the sender signing policy as described by the DomainKeys specification, now available in RFC4870(historical). I call it the "sender" policy because it is keyed to the email address in the Sender: header, or the From: header if there is no Sender header. This is the person whom the message claims as the "transmitter" of the message (not necessarily the author). If the email being verified has no From or Sender header from which to get an email address (which violates email standards), then this method will C. The result of the apply() method is one of: "accept", "reject", "neutral". See also: L. =head2 load() Load the entire message from a file handle. $dkim->load($file_handle); Reads a complete message from the designated file handle, feeding it into the verifier. The message must use line terminators (same as the SMTP protocol). =head2 message_originator() Access the "From" header. my $address = $dkim->message_originator; Returns the "originator address" found in the message, as a L object. This is typically the (first) name and email address found in the From: header. If there is no From: header, then an empty L object is returned. To get just the email address part, do: my $email = $dkim->message_originator->address; See also L. =head2 message_sender() Access the "From" or "Sender" header. my $address = $dkim->message_sender; Returns the "sender" found in the message, as a L object. This is typically the (first) name and email address found in the Sender: header. If there is no Sender: header, it is the first name and email address in the From: header. If neither header is present, then an empty L object is returned. To get just the email address part, do: my $email = $dkim->message_sender->address; The "sender" is the mailbox of the agent responsible for the actual transmission of the message. For example, if a secretary were to send a message for another person, the "sender" would be the secretary and the "originator" would be the actual author. =head2 policies() Retrieves applicable signing policies from DNS. my @policies = $dkim->policies; foreach my $policy (@policies) { $policy_result = $policy->apply($dkim); # $policy_result is one of "accept", "reject", "neutral" } This method searches for and returns any signing policies that would apply to this message. Signing policies are selected based on the domain that the message *claims* to be from. So, for example, if a message claims to be from security@bank, and forwarded by trusted@listserv, when in reality the message came from foe@evilcorp, this method would check for signing policies for security@bank and trusted@listserv. The signing policies might tell whether foe@evilcorp (the real sender) is allowed to send mail claiming to be from your bank or your listserv. I say "might tell", because in reality this is still really hard to specify with any accuracy. In addition, most senders do not publish useful policies. =head2 result() Access the result of the verification. my $result = $dkim->result; Gives the result of the verification. The following values are possible: =over =item pass Returned if a valid DKIM-Signature header was found, and the signature contains a correct value for the message. =item fail Returned if a valid DKIM-Signature header was found, but the signature does not contain a correct value for the message. =item invalid Returned if a DKIM-Signature could not be checked because of a problem in the signature itself or the public key record. I.e. the signature could not be processed. =item temperror Returned if a DKIM-Signature could not be checked due to some error which is likely transient in nature, such as a temporary inability to retrieve a public key. A later attempt may produce a better result. =item none Returned if no DKIM-Signature headers (valid or invalid) were found. =back In case of multiple signatures, the "best" result will be returned. Best is defined as "pass", followed by "fail", "invalid", and "none". To examine the results of individual signatures, use the L method to retrieve the signature objects. See L. =head2 result_detail() Access the result, plus details if available. my $detail = $dkim->result_detail; The detail is constructed by taking the result (e.g. "pass", "fail", "invalid" or "none") and appending any details provided by the verification process in parenthesis. The following are possible results from the result_detail() method: pass fail (bad RSA signature) fail (OpenSSL error: ...) fail (message has been altered) fail (body has been altered) invalid (bad identity) invalid (invalid domain in d tag) invalid (missing q tag) invalid (missing d tag) invalid (missing s tag) invalid (unsupported version 0.1) invalid (unsupported algorithm ...) invalid (unsupported canonicalization ...) invalid (unsupported query protocol ...) invalid (signature is expired) invalid (public key: not available) invalid (public key: unknown query type ...) invalid (public key: syntax error) invalid (public key: unsupported version) invalid (public key: unsupported key type) invalid (public key: missing p= tag) invalid (public key: invalid data) invalid (public key: does not support email) invalid (public key: does not support hash algorithm 'sha1') invalid (public key: does not support signing subdomains) invalid (public key: revoked) invalid (public key: granularity mismatch) invalid (public key: granularity is empty) invalid (public key: OpenSSL error: ...) none =head2 signature() Access the message's DKIM signature. my $sig = $dkim->signature; Accesses the signature found and verified in this message. The returned object is of type L. In case of multiple signatures, the signature with the "best" result will be returned. Best is defined as "pass", followed by "fail", "invalid", and "none". =head2 signatures() Access all of this message's signatures. my @all_signatures = $dkim->signatures; Use $signature->result or $signature->result_detail to access the verification results of each signature. =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Signature.pm0000644000175000017500000005505113725344750016643 0ustar marcmarcpackage Mail::DKIM::Signature; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: represents a DKIM-Signature header # Copyright 2005-2007 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::DKIM::PublicKey; use Mail::DKIM::Algorithm::rsa_sha1; use Mail::DKIM::Algorithm::rsa_sha256; use base 'Mail::DKIM::KeyValueList'; use Carp; sub new { my $class = shift; my %prms = @_; my $self = {}; bless $self, $class; $self->version('1'); $self->algorithm( $prms{'Algorithm'} || 'rsa-sha1' ); $self->signature( $prms{'Signature'} ); $self->canonicalization( $prms{'Method'} ) if exists $prms{'Method'}; $self->domain( $prms{'Domain'} ); $self->headerlist( $prms{'Headers'} ); $self->protocol( $prms{'Query'} ) if exists $prms{'Query'}; $self->selector( $prms{'Selector'} ); $self->identity( $prms{'Identity'} ) if exists $prms{'Identity'}; $self->timestamp( $prms{'Timestamp'} ) if defined $prms{'Timestamp'}; $self->expiration( $prms{'Expiration'} ) if defined $prms{'Expiration'}; $self->key( $prms{'Key'} ) if defined $prms{'Key'}; return $self; } sub parse { my $class = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($string) = @_; # remove line terminator, if present $string =~ s/\015\012\z//; # remove field name, if present my $prefix = $class->prefix(); if ( $string =~ s/^($prefix)//i ) { # save the field name (capitalization), so that it can be # restored later $prefix = $1; } my $self = $class->SUPER::parse($string); $self->{prefix} = $prefix; return $self; } # deprecated sub wantheader { my $self = shift; my $attr = shift; $self->headerlist or return 1; foreach my $key ( $self->headerlist ) { lc $attr eq lc $key and return 1; } return; } sub algorithm { my $self = shift; if (@_) { $self->set_tag( 'a', shift ); } my $a = $self->get_tag('a'); return defined $a ? lc $a : undef; } sub as_string { my $self = shift; return $self->prefix() . $self->SUPER::as_string; } # undocumented method sub as_string_debug { my $self = shift; return $self->prefix() . join( ';', map { '>' . $_->{raw} . '<' } @{ $self->{tags} } ); } sub as_string_without_data { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); my $alt = $self->clone; $alt->signature(''); return $alt->as_string; } sub body_count { my $self = shift; # set new body count if provided (@_) and $self->set_tag( 'l', shift ); return $self->get_tag('l'); } sub body_hash { my $self = shift; # set new body hash if provided (@_) and $self->set_tag( 'bh', shift ); my $result = $self->get_tag('bh'); if ( defined $result ) { $result =~ s/\s+//gs; } return $result; } sub canonicalization { my $self = shift; if (@_) { $self->set_tag( 'c', join( '/', @_ ) ); } my $c = $self->get_tag('c'); $c = lc $c if defined $c; if ( not $c ) { $c = 'simple/simple'; } my ( $c1, $c2 ) = split( /\//, $c, 2 ); if ( not defined $c2 ) { # default body canonicalization is "simple" $c2 = 'simple'; } if (wantarray) { return ( $c1, $c2 ); } else { return "$c1/$c2"; } } use MIME::Base64; # checks whether this signature specifies a legal canonicalization method # returns true if the canonicalization is acceptable, false otherwise # sub check_canonicalization { my $self = shift; my ( $c1, $c2 ) = $self->canonicalization; my @known = ( 'nowsp', 'simple', 'relaxed', 'seal' ); return undef unless ( grep { $_ eq $c1 } @known ); return undef unless ( grep { $_ eq $c2 } @known ); return 1; } # checks whether the expiration time on this signature is acceptable # returns a true value if acceptable, false otherwise # sub check_expiration { my $self = shift; my $x = $self->expiration; return 1 if not defined $x; $self->{_verify_time} ||= time(); return ( $self->{_verify_time} <= $x ); } # Returns a filtered list of protocols that can be used to fetch the # public key corresponding to this signature. An empty list means that # all designated protocols are unrecognized. # Note: at this time, the only recognized protocol is "dns/txt". # sub check_protocol { my $self = shift; my $v = $self->version; foreach my $prot ( split /:/, $self->protocol ) { my ( $type, $options ) = split( /\//, $prot, 2 ); if ( $type eq 'dns' ) { return ('dns/txt') if $options && $options eq 'txt'; # prior to DKIM version 1, the '/txt' part was optional if ( !$v ) { return ('dns/txt') if !defined($options); } } } # unrecognized return; } # checks whether the version tag has an acceptable value # returns true if so, otherwise false # sub check_version { my $self = shift; # check version if ( my $version = $self->version ) { my @ALLOWED_VERSIONS = ( '0.5', '1' ); return ( grep { $_ eq $version } @ALLOWED_VERSIONS ); } # we still consider a missing v= tag acceptable, # for backwards-compatibility return 1; } sub data { my $self = shift; if (@_) { $self->set_tag( 'b', shift ); } my $b = $self->get_tag('b'); $b =~ tr/\015\012 \t//d if defined $b; return $b; } *signature = \*data; #undocumented, private function #derived from MIME::Base64::Perl (allowed, thanks to the Perl license) # sub decode_qp { my $res = shift; #TODO- should I worry about non-ASCII systems here? $res =~ s/=([\da-fA-F]{2})/pack('C', hex($1))/ge if defined $res; return $res; } #undocumented, private function #derived from MIME::Base64::Perl (allowed, thanks to the Perl license) # sub encode_qp { my $res = shift; # note- unlike MIME quoted-printable, we don't allow whitespace chars my $DISALLOWED = qr/[^!"#\$%&'()*+,\-.\/0-9:;<>?\@A-Z[\\\]^_`a-z{|}~]/; #TODO- should I worry about non-ASCII systems here? $res =~ s/($DISALLOWED)/sprintf('=%02X', ord($1))/eg if defined $res; return $res; } sub DEFAULT_PREFIX { return 'DKIM-Signature:'; } sub prefix { my $class = shift; if ( ref($class) ) { $class->{prefix} = shift if @_; return $class->{prefix} if $class->{prefix}; } return $class->DEFAULT_PREFIX(); } sub domain { my $self = shift; if (@_) { $self->set_tag( 'd', shift ); } my $d = $self->get_tag('d'); return defined $d ? lc $d : undef; } sub expiration { my $self = shift; (@_) and $self->set_tag( 'x', shift ); return $self->get_tag('x'); } # allows the type of signature to determine what "algorithm" gets used sub get_algorithm_class { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($algorithm) = @_; my $class = $algorithm eq 'rsa-sha1' ? 'Mail::DKIM::Algorithm::rsa_sha1' : $algorithm eq 'rsa-sha256' ? 'Mail::DKIM::Algorithm::rsa_sha256' : undef; return $class; } # [private method] # fetch_public_key() - initiate a DNS query for fetching the key # # This method does NOT return the public key. # Use get_public_key() for that. # sub fetch_public_key { my $self = shift; return if exists $self->{public_key_query}; my $on_success = sub { if ( $_[0] ) { $self->{public} = $_[0]; } else { $self->{public_error} = "not available\n"; } }; my @methods = $self->check_protocol; $self->{public_key_query} = Mail::DKIM::PublicKey->fetch_async( Protocol => $methods[0], Selector => $self->selector, Domain => $self->domain, Callbacks => { Success => $on_success, Error => sub { $self->{public_error} = shift }, }, ); return; } #EXPERIMENTAL sub _refetch_public_key { my $self = shift; if ( $self->{public_key_query} ) { # clear the existing query by waiting for it to complete $self->{public_key_query}->(); } delete $self->{public_key_query}; delete $self->{public}; delete $self->{public_error}; $self->fetch_public_key; } sub get_public_key { my $self = shift; # this ensures we only try fetching once, even if an error occurs if ( not exists $self->{public_key_query} ) { $self->fetch_public_key; } if ( $self->{public_key_query} ) { # wait for public key query to finish $self->{public_key_query}->(); $self->{public_key_query} = 0; } if ( exists $self->{public} ) { return $self->{public}; } else { die $self->{public_error}; } } sub hash_algorithm { my $self = shift; my $algorithm = $self->algorithm; return $algorithm eq 'rsa-sha1' ? 'sha1' : $algorithm eq 'rsa-sha256' ? 'sha256' : undef; } sub headerlist { my $self = shift; (@_) and $self->set_tag( 'h', shift ); my $h = $self->get_tag('h') || ''; # remove whitespace next to colons $h =~ s/\s+:/:/g; $h =~ s/:\s+/:/g; $h = lc $h; if ( wantarray and $h ) { my @list = split /:/, $h; @list = map { s/^\s+|\s+$//g; $_ } @list; return @list; } elsif (wantarray) { return (); } return $h; } sub identity { my $self = shift; # set new identity if provided (@_) and $self->set_tag( 'i', encode_qp(shift) ); my $i = $self->get_tag('i'); if ( defined $i ) { return decode_qp($i); } else { return '@' . ( $self->domain || '' ); } } sub identity_matches { my $self = shift; my ($addr) = @_; my $id = $self->identity; if ( $id =~ /^\@/ ) { # the identity is a domain-name only, so it only needs to match # the domain part of the sender address return ( lc( substr( $addr, -length($id) ) ) eq lc($id) ); # TODO - compare the parent domains? } return lc($addr) eq lc($id); } sub key { my $self = shift; if (@_) { $self->{Key} = shift; $self->{KeyFile} = undef; } return $self->{Key}; } sub method { my $self = shift; if (@_) { $self->set_tag( 'c', shift ); } return ( lc $self->get_tag('c') ) || 'simple'; } sub protocol { my $self = shift; (@_) and $self->set_tag( 'q', shift ); my $q = $self->get_tag('q'); if ( defined $q ) { return $q; } else { return 'dns/txt'; } } sub result { my $self = shift; @_ and $self->{verify_result} = shift; @_ and $self->{verify_details} = shift; return $self->{verify_result}; } sub result_detail { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); if ( $self->{verify_result} && $self->{verify_details} ) { return $self->{verify_result} . ' (' . $self->{verify_details} . ')'; } return $self->{verify_result}; } sub selector { my $self = shift; (@_) and $self->set_tag( 's', shift ); return $self->get_tag('s'); } sub prettify { my $self = shift; $self->wrap( Start => length( $self->prefix() ), Tags => { b => 'b64', bh => 'b64', h => 'list', }, ); } sub prettify_safe { my $self = shift; $self->wrap( Start => length( $self->prefix() ), Tags => { b => 'b64', }, PreserveNames => 1, Default => 'preserve', #preserves unknown tags ); } sub timestamp { my $self = shift; (@_) and $self->set_tag( 't', shift ); return $self->get_tag('t'); } sub version { my $self = shift; (@_) and $self->set_tag( 'v', shift ); return $self->get_tag('v'); } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Signature - represents a DKIM-Signature header =head1 VERSION version 1.20200907 =head1 CONSTRUCTORS =head2 new() - create a new signature from parameters my $signature = Mail::DKIM::Signature->new( [ Algorithm => 'rsa-sha1', ] [ Signature => $base64, ] [ Method => 'relaxed', ] [ Domain => 'example.org', ] [ Identity => 'user@example.org', ] [ Headers => 'from:subject:date:message-id', ] [ Query => 'dns', ] [ Selector => 'alpha', ] [ Timestamp => time(), ] [ Expiration => time() + 86400, ] ); =head2 parse() - create a new signature from a DKIM-Signature header my $sig = Mail::DKIM::Signature->parse( 'DKIM-Signature: a=rsa-sha1; b=yluiJ7+0=; c=relaxed' ); Constructs a signature by parsing the provided DKIM-Signature header content. You do not have to include the header name (i.e. "DKIM-Signature:") but it is recommended, so the header name can be preserved and returned the same way in as_string(). Note: The input to this constructor is in the same format as the output of the as_string method. =head1 METHODS =head2 algorithm() - get or set the algorithm (a=) field The algorithm used to generate the signature. Should be either "rsa-sha1", an RSA-signed SHA-1 digest, or "rsa-sha256", an RSA-signed SHA-256 digest. See also hash_algorithm(). =head2 as_string() - the signature header as a string print $signature->as_string . "\n"; outputs DKIM-Signature: a=rsa-sha1; b=yluiJ7+0=; c=relaxed As shown in the example, the as_string method can be used to generate the DKIM-Signature that gets prepended to a signed message. =head2 as_string_without_data() - signature without the signature data print $signature->as_string_without_data . "\n"; outputs DKIM-Signature: a=rsa-sha1; b=; c=relaxed This is similar to the as_string() method, but it always excludes the "data" part. This is used by the DKIM canonicalization methods, which require incorporating this part of the signature into the signed message. =head2 body_count() - get or set the body count (l=) field my $i = $signature->body_count; Informs the verifier of the number of bytes in the body of the email included in the cryptographic hash, starting from 0 immediately following the CRLF preceding the body. Also known as the l= tag. When creating a signature, this tag may be either omitted, or set after the selected canonicalization system has received the entire message body (but before it canonicalizes the DKIM-Signature). =head2 body_hash() - get or set the body hash (bh=) field my $bh = $signature->body_hash; The hash of the body part of the message. Whitespace is ignored in this value. This tag is required. When accessing this value, whitespace is stripped from the tag for you. =head2 canonicalization() - get or set the canonicalization (c=) field $signature->canonicalization('relaxed', 'simple'); ($header, $body) = $signature->canonicalization; Message canonicalization (default is "simple/simple"). This informs the verifier of the type of canonicalization used to prepare the message for signing. In scalar context, this returns header/body canonicalization as a single string separated by /. In list context, it returns a two element array, containing first the header canonicalization, then the body. =head2 data() - get or set the signature data (b=) field my $base64 = $signature->data; $signature->data($base64); The signature data. Whitespace is automatically stripped from the returned value. The data is Base64-encoded. =head2 domain() - get or set the domain (d=) field my $d = $signature->domain; # gets the domain value $signature->domain('example.org'); # sets the domain value The domain of the signing entity, as specified in the signature. This is the domain that will be queried for the public key. If using an "internationalized domain name", the domain name must be converted to ASCII (following section 4.1 of RFC 3490) before passing it to this method. =head2 expiration() - get or set the signature expiration (x=) field Signature expiration (default is undef, meaning no expiration). The signature expiration, if defined, is an unsigned integer identifying the standard Unix seconds-since-1970 time when the signature will expire. =head2 get_public_key() - fetches the public key referenced by this signature my $pubkey = $signature->get_public_key; Public key to fetch is determined by the protocol, selector, and domain fields. This method caches the result of the fetch, so subsequent calls will not require additional DNS queries. This method will C if an error occurs. =head2 get_tag() - access the raw value of a tag in this signature my $raw_identity = $signature->get_tag('i'); Use this method to access a tag not already supported by Mail::DKIM, or if you want to bypass decoding of the value by Mail::DKIM. For example, the raw i= (identity) tag is encoded in quoted-printable form. If you use the identity() method, Mail::DKIM will decode from quoted-printable before returning the value. But if you use get_tag('i'), you can access the encoded quoted-printable form of the value. =head2 hash_algorithm() - access the hash algorithm specified in this signature my $hash = $signature->hash_algorithm; Determines what hashing algorithm is used as part of the signature's specified algorithm. For algorithm "rsa-sha1", the hash algorithm is "sha1". Likewise, for algorithm "rsa-sha256", the hash algorithm is "sha256". If the algorithm is not recognized, undef is returned. =head2 headerlist() - get or set the signed header fields (h=) field $signature->headerlist('a:b:c'); my $headerlist = $signature->headerlist; my @headers = $signature->headerlist; Signed header fields. A colon-separated list of header field names that identify the header fields presented to the signing algorithm. In scalar context, the list of header field names will be returned as a single string, with the names joined together with colons. In list context, the header field names will be returned as a list. =head2 identity() - get or set the signing identity (i=) field my $i = $signature->identity; Identity of the user or agent on behalf of which this message is signed. The identity has an optional local part, followed by "@", then a domain name. The domain name should be the same as or a subdomain of the domain returned by the C method. Ideally, the identity should match the identity listed in the From: header, or the Sender: header, but this is not required to have a valid signature. Whether the identity used is "authorized" to sign for the given message is not determined here. If using an "internationalized domain name", the domain name must be converted to ASCII (following section 4.1 of RFC 3490) before passing it to this method. Identity values are encoded in the signature in quoted-printable format. Using this method will translate to/from quoted-printable as necessary. If you want the raw quoted-printable version of the identity, use $signature->get_tag('i'). =head2 key() - get or set the private key object my $key = $signature->key; $signature->key(Mail::DKIM::PrivateKey->load(File => 'private.key')); The private key is used for signing messages. It is not used for verifying messages. The key object can be any object that implements the L method. (Providing your own object can be useful if your actual keys are stored out-of-process.) =head2 method() - get or set the canonicalization (c=) field Message canonicalization (default is "simple"). This informs the verifier of the type of canonicalization used to prepare the message for signing. =head2 protocol() - get or set the query methods (q=) field A colon-separated list of query methods used to retrieve the public key (default is "dns"). Each query method is of the form "type[/options]", where the syntax and semantics of the options depends on the type. =head2 result() - get or set the verification result my $result = $signature->result; $signature->result('pass'); # to set the result with details $signature->result('invalid', 'no public key'); =head2 result_detail() - access the result, plus details if available my $detail = $signature->result_detail; An explanation of possible detail messages can be found in the documentation for L. =head2 selector() - get or set the selector (s=) field The selector subdivides the namespace for the "d=" (domain) tag. =head2 prettify() - alters the signature to look "nicer" as an email header $signature->prettify; This method may alter the signature in a way that breaks signatures, so it should be done ONLY when the signature is being generated, BEFORE being fed to the canonicalization algorithm. See also prettify_safe(), which will not break signatures. =head2 prettify_safe() - same as prettify() but only touches the b= part $signature->prettify_safe; This method will not break the signature, but it only affects the b= part of the signature. =head2 timestamp() - get or set the signature timestamp (t=) field Signature timestamp (default is undef, meaning unknown creation time). This is the time that the signature was created. The value is an unsigned integer identifying the number of standard Unix seconds-since-1970. =head2 version() - get or set the DKIM specification version (v=) field This is the version of the DKIM specification that applies to this signature record. =head1 SEE ALSO L for DomainKey-Signature headers =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/DkimPolicy.pm0000644000175000017500000002001013725344750016731 0ustar marcmarcpackage Mail::DKIM::DkimPolicy; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: represents a DKIM Sender Signing Practices record # Copyright 2005-2007 Messiah College. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Policy'; # base class is used for parse(), as_string() use Mail::DKIM::DNS; # get_lookup_name() - determine name of record to fetch # sub get_lookup_name { my $self = shift; my ($prms) = @_; # in DKIM, the record to fetch is determined based on the From header if ( $prms->{Author} && !$prms->{Domain} ) { $prms->{Domain} = ( $prms->{Author} =~ /\@([^@]*)$/ and $1 ); } unless ( $prms->{Domain} ) { die "no domain to fetch policy for\n"; } # IETF seems poised to create policy records this way return '_policy._domainkey.' . $prms->{Domain}; } sub new { my $class = shift; return $class->parse( String => 'o=~' ); } #undocumented private class method our $DEFAULT_POLICY; sub default { my $class = shift; $DEFAULT_POLICY ||= $class->new; return $DEFAULT_POLICY; } sub apply { my $self = shift; my ($dkim) = @_; # first_party indicates whether there is a DKIM signature with # an i= tag matching the address in the From: header my $first_party; #FIXME - if there are multiple verified signatures, each one # should be checked foreach my $signature ( $dkim->signatures ) { # only valid/verified signatures are considered next unless ( $signature->result && $signature->result eq 'pass' ); my $oa = $dkim->message_originator->address; if ( $signature->identity_matches($oa) ) { # found a first party signature $first_party = 1; last; } } #TODO - consider testing flag return 'accept' if $first_party; return 'reject' if ( $self->signall_strict && !$self->testing ); if ( $self->signall ) { # is there ANY valid signature? my $verify_result = $dkim->result; return 'accept' if $verify_result eq 'pass'; } return 'reject' if ( $self->signall && !$self->testing ); return 'neutral'; } sub flags { my $self = shift; (@_) and $self->{tags}->{t} = shift; $self->{tags}->{t}; } sub is_implied_default_policy { my $self = shift; my $default_policy = ref($self)->default; return ( $self == $default_policy ); } sub location { my $self = shift; return $self->{Domain}; } sub name { return 'author'; } sub policy { my $self = shift; (@_) and $self->{tags}->{dkim} = shift; if ( defined $self->{tags}->{dkim} ) { return $self->{tags}->{dkim}; } elsif ( defined $self->{tags}->{o} ) { return $self->{tags}->{o}; } else { return 'unknown'; } } sub signall { my $self = shift; return $self->policy && ( $self->policy =~ /all/i || $self->policy eq '-' ); # an older symbol for "all" } sub signall_strict { my $self = shift; return $self->policy && ( $self->policy =~ /strict/i || $self->policy eq '!' ); # "!" is an older symbol for "strict" } sub signsome { my $self = shift; $self->policy or return 1; $self->policy eq '~' and return 1; return; } sub testing { my $self = shift; my $t = $self->flags; ( $t && $t =~ /y/i ) and return 1; return; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::DkimPolicy - represents a DKIM Sender Signing Practices record =head1 VERSION version 1.20200907 =head1 DESCRIPTION The Sender Signing Practices (SSP) record can be published by any domain to help a receiver know what to do when it encounters an unsigned message claiming to originate from that domain. The record is published as a DNS TXT record at _policy._domainkey.DOMAIN where DOMAIN is the domain of the message's "From" address. This record format has been superceded by ADSP. See L for information about ADSP. It is implemented here because at one time it appeared this is what would be standardized by the IETF. It will be removed from Mail::DKIM at some point in the future. The last version of the SSP specification can be found at L. =head1 CONSTRUCTORS =head2 fetch() Lookup a DKIM signing practices record. my $policy = Mail::DKIM::DkimPolicy->fetch( Protocol => 'dns', Author => 'jsmith@example.org', ); =head2 new() Construct a default policy object. my $policy = Mail::DKIM::DkimPolicy->new; =head1 METHODS =head2 apply() Apply the policy to the results of a DKIM verifier. my $result = $policy->apply($dkim_verifier); The caller must provide an instance of L, one which has already been fed the message being verified. Possible results are: =over =item accept The message is approved by the sender signing policy. =item reject The message is rejected by the sender signing policy. It can be considered very suspicious. =item neutral The message is neither approved nor rejected by the sender signing policy. It can be considered somewhat suspicious. =back =head2 flags() Get or set the flags (t=) tag. A colon-separated list of flags. Flag values are: =over =item y The entity is testing signing practices, and the Verifier SHOULD NOT consider a message suspicious based on the record. =item s The signing practices apply only to the named domain, and not to subdomains. =back =head2 is_implied_default_policy() Is this policy implied? my $is_implied = $policy->is_implied_default_policy; If you fetch the policy for a particular domain, but that domain does not have a policy published, then the "default policy" is in effect. Use this method to detect when that happens. =head2 location() Where the policy was fetched from. If the policy is domain-wide, this will be domain where the policy was published. If the policy is user-specific, TBD. If nothing is published for the domain, and the default policy was returned instead, the location will be C. =head2 policy() Get or set the outbound signing policy (dkim=) tag. my $sp = $policy->policy; Outbound signing policy for the entity. Possible values are: =over =item C The default. The entity may sign some or all email. =item C All mail from the entity is signed. (The DKIM signature can use any domain, not necessarily matching the From: address.) =item C All mail from the entity is signed with Originator signatures. (The DKIM signature uses a domain matching the From: address.) =back =head2 signall() True if policy is "all". =head2 signall_strict() True if policy is "strict". =head2 testing() Checks the testing flag. my $testing = $policy->testing; If nonzero, the testing flag is set on the signing policy, and the verify should not consider a message suspicious based on this policy. =head1 BUGS =over =item * If a sender signing policy is not found for a given domain, the fetch() method should search the parent domains, according to section 4 of the dkim-ssp Internet Draft. =back =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/DNS.pm0000644000175000017500000001740613725344750015330 0ustar marcmarcpackage Mail::DKIM::DNS; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: performs DNS queries for Mail::DKIM # Copyright 2007, 2012 Messiah College. All rights reserved. # Jason Long # This class contains a method to perform synchronous DNS queries. # Hopefully some day it will have a method to perform # asynchronous DNS queries. use Net::DNS; our $TIMEOUT = 10; our $RESOLVER; sub resolver { if (@_) { $RESOLVER = $_[0]; } return $RESOLVER; } sub enable_EDNS0 { # enable EDNS0, set acceptable UDP packet size to a # conservative payload size that should fit into a single # packet (MTU less the IP header size) in most cases; # See also draft-andrews-dnsext-udp-fragmentation # and RFC 3542 section 11.3. my $res = Net::DNS::Resolver->new(); $res->udppacketsize( 1280 - 40 ); resolver($res); } # query- returns a list of RR objects # or an empty list if the domain record does not exist # (e.g. in the case of NXDOMAIN or NODATA) # or throws an error on a DNS query time-out or other transient error # (e.g. SERVFAIL) # # if an empty list is returned, $@ is also set to a string explaining # why no records were returned (e.g. "NXDOMAIN"). # sub query { my ( $domain, $type ) = @_; if ( !$RESOLVER ) { $RESOLVER = Net::DNS::Resolver->new() or die "Internal error: can't create DNS resolver"; } my $rslv = $RESOLVER; # # perform the DNS query # if the query takes too long, we should generate an error # my $resp; my $remaining_time = alarm(0); # check time left, stop the timer my $deadline = time + $remaining_time; my $E; eval { local $SIG{__DIE__}; # set a timeout, 10 seconds by default local $SIG{ALRM} = sub { die "DNS query timeout for $domain\n" }; alarm $TIMEOUT; # the query itself could cause an exception, which would prevent # us from resetting the alarm before leaving the eval {} block # so we wrap the query in a nested eval {} block my $E2; eval { local $SIG{__DIE__}; $resp = $rslv->send( $domain, $type ); 1; } or do { $E2 = $@; }; alarm 0; if ($E2) { chomp $E2; die "$E2\n" } # no line number here 1; } or do { $E = $@; # the $@ only makes sense if eval returns a false }; alarm 0; # restart the timer if it was active if ( $remaining_time > 0 ) { my $dt = $deadline - time; # make sure the timer expiration will trigger a signal, # even at the expense of stretching the interval by one second alarm( $dt < 1 ? 1 : $dt ); } if ($E) { chomp $E; die $E } # ensure a line number # RFC 2308: NODATA is indicated by an answer with the RCODE set to NOERROR # and no relevant answers in the answer section. The authority section # will contain an SOA record, or there will be no NS records there. # NODATA responses have to be algorithmically determined from the # response's contents as there is no RCODE value to indicate NODATA. # In some cases to determine with certainty that NODATA is the correct # response it can be necessary to send another query. if ($resp) { my $header = $resp->header; if ($header) { # NOERROR, NXDOMAIN, SERVFAIL, FORMERR, REFUSED, ... my $rcode = $header->rcode; $@ = $rcode; if ( $rcode eq 'NOERROR' ) { # may or may not contain RRs in the answer sect my @result = grep { lc $_->type eq lc $type } $resp->answer; $@ = 'NODATA' if !@result; return @result; # possibly empty } elsif ( $rcode eq 'NXDOMAIN' ) { return; # empty list, rcode in $@ } } } if ( $rslv->errorstring eq 'NOERROR' ) { return; } if ( $rslv->errorstring =~ /\bno error\b/ ) { return; } die 'DNS error: ' . $rslv->errorstring . "\n"; } # query_async() - perform a DNS query asynchronously # # my $waiter = query_async('example.org', 'TXT', # Callbacks => { # Success => \&on_success, # Error => \&on_error, # }, # ); # my $result = $waiter->(); # sub query_async { my ( $domain, $type, %prms ) = @_; my $callbacks = $prms{Callbacks} || {}; my $on_success = $callbacks->{Success} || sub { $_[0] }; my $on_error = $callbacks->{Error} || sub { die $_[0] }; my $waiter = sub { my @resp; my $rcode; eval { local $SIG{__DIE__}; @resp = query( $domain, $type ); $rcode = $@; 1; } or do { return $on_error->($@); }; $@ = $rcode; return $on_success->(@resp); }; return $waiter; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::DNS - performs DNS queries for Mail::DKIM =head1 VERSION version 1.20200907 =head1 DESCRIPTION This is the module that performs DNS queries for L. =head1 CONFIGURATION This module has a couple configuration settings that the caller may want to use to customize the behavior of this module. =head2 $Mail::DKIM::DNS::TIMEOUT This global variable specifies the maximum amount of time (in seconds) to wait for a single DNS query to complete. The default is 10. =head2 Mail::DKIM::DNS::resolver() Use this global subroutine to get or replace the instance of L that Mail::DKIM uses. If set to undef (the default), then a brand new default instance of L will be created the first time a DNS query is needed. You will call this subroutine if you want to specify non-default options to L, such as different timeouts, or to enable use of a persistent socket. For example: # first, construct a custom DNS resolver my $res = Net::DNS::Resolver->new( udp_timeout => 3, tcp_timeout => 3, retry => 2, ); $res->udppacketsize(1240); $res->persistent_udp(1); # then, tell Mail::DKIM to use this resolver Mail::DKIM::DNS::resolver($res); =head2 Mail::DKIM::DNS::enable_EDNS0() This is a convenience subroutine that will construct an appropriate DNS resolver that uses EDNS0 (Extension mechanisms for DNS) to support large DNS replies, and configure Mail::DKIM to use it. (As such, it should NOT be used in conjunction with the resolver() subroutine described above.) Mail::DKIM::DNS::enable_EDNS0(); Use of EDNS0 is recommended, since it reduces the need for falling back to TCP when dealing with large DNS packets. However, it is not enabled by default because some Internet firewalls which do deep inspection of packets are not able to process EDNS0-enabled packets. When there is a firewall on a path to a DNS resolver, the EDNS0 feature should be specifically tested before enabling. =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Signer.pm0000644000175000017500000005426213725344750016134 0ustar marcmarcpackage Mail::DKIM::Signer; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: generates a DKIM signature for a message # Copyright 2005-2007 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::DKIM::PrivateKey; use Mail::DKIM::Signature; use base 'Mail::DKIM::Common'; use Carp; # PROPERTIES # # public: # # $dkim->{Algorithm} # identifies what algorithm to use when signing the message # default is "rsa-sha1" # # $dkim->{Domain} # identifies what domain the message is signed for # # $dkim->{KeyFile} # name of the file containing the private key used to sign # # $dkim->{Method} # identifies what canonicalization method to use when signing # the message. default is "relaxed" # # $dkim->{Policy} # a signing policy (of type Mail::DKIM::SigningPolicy) # # $dkim->{Selector} # identifies name of the selector identifying the key # # $dkim->{Key} # the loaded private key # # private: # # $dkim->{algorithms} = [] # an array of algorithm objects... an algorithm object is created for # each signature being added to the message # # $dkim->{result} # result of the signing policy: "signed" or "skipped" # # $dkim->{signature} # the created signature (of type Mail::DKIM::Signature) sub init { my $self = shift; $self->SUPER::init; if ( defined $self->{KeyFile} ) { $self->{Key} ||= Mail::DKIM::PrivateKey->load( File => $self->{KeyFile} ); } unless ( $self->{'Algorithm'} ) { # use default algorithm $self->{'Algorithm'} = 'rsa-sha1'; } unless ( $self->{'Method'} ) { # use default canonicalization method $self->{'Method'} = 'relaxed'; } unless ( $self->{'Domain'} ) { # use default domain $self->{'Domain'} = 'example.org'; } unless ( $self->{'Selector'} ) { # use default selector $self->{'Selector'} = 'unknown'; } } sub finish_header { my $self = shift; $self->{algorithms} = []; my $policy = $self->{Policy}; if ( UNIVERSAL::isa( $policy, 'CODE' ) ) { # policy is a subroutine ref my $default_sig = $policy->($self); unless ( @{ $self->{algorithms} } || $default_sig ) { $self->{'result'} = 'skipped'; return; } } elsif ( $policy && $policy->can('apply') ) { # policy is a Perl object or class my $default_sig = $policy->apply($self); unless ( @{ $self->{algorithms} } || $default_sig ) { $self->{'result'} = 'skipped'; return; } } unless ( @{ $self->{algorithms} } ) { # no algorithms were created yet, so construct a signature # using the current signature properties # check properties unless ( $self->{'Algorithm'} ) { die 'invalid algorithm property'; } unless ( $self->{'Method'} ) { die 'invalid method property'; } unless ( $self->{'Domain'} ) { die 'invalid header property'; } unless ( $self->{'Selector'} ) { die 'invalid selector property'; } $self->add_signature( Mail::DKIM::Signature->new( Algorithm => $self->{'Algorithm'}, Method => $self->{'Method'}, Headers => $self->headers, Domain => $self->{'Domain'}, Selector => $self->{'Selector'}, Key => $self->{'Key'}, KeyFile => $self->{'KeyFile'}, ( $self->{'Identity'} ? ( Identity => $self->{'Identity'} ) : () ), ( $self->{'Timestamp'} ? ( Timestamp => $self->{'Timestamp'} ) : () ), ) ); } foreach my $algorithm ( @{ $self->{algorithms} } ) { # output header as received so far into canonicalization foreach my $header ( @{ $self->{headers} } ) { $algorithm->add_header($header); } $algorithm->finish_header( Headers => $self->{headers} ); } } sub finish_body { my $self = shift; foreach my $algorithm ( @{ $self->{algorithms} } ) { # finished canonicalizing $algorithm->finish_body; # load the private key file if necessary my $signature = $algorithm->signature; my $key = $signature->{Key} || $signature->{KeyFile} || $self->{Key} || $self->{KeyFile}; if ( defined($key) && !ref($key) ) { $key = Mail::DKIM::PrivateKey->load( File => $key ); } $key or die "no key available to sign with\n"; # compute signature value my $signb64 = $algorithm->sign($key); $signature->data($signb64); # insert linebreaks in signature data, if desired $signature->prettify_safe(); $self->{signature} = $signature; $self->{result} = 'signed'; } } sub add_signature { my $self = shift; my $signature = shift; # create a canonicalization filter and algorithm my $algorithm_class = $signature->get_algorithm_class( $signature->algorithm ) or die 'unsupported algorithm ' . ( $signature->algorithm || '' ) . "\n"; my $algorithm = $algorithm_class->new( Signature => $signature, Debug_Canonicalization => $self->{Debug_Canonicalization}, ); push @{ $self->{algorithms} }, $algorithm; return; } sub algorithm { my $self = shift; if ( @_ == 1 ) { $self->{Algorithm} = shift; } return $self->{Algorithm}; } sub domain { my $self = shift; if ( @_ == 1 ) { $self->{Domain} = shift; } return $self->{Domain}; } # these are headers that "should" be included in the signature, # according to the DKIM spec. my @DEFAULT_HEADERS = qw(From Sender Reply-To Subject Date Message-ID To Cc MIME-Version Content-Type Content-Transfer-Encoding Content-ID Content-Description Resent-Date Resent-From Resent-Sender Resent-To Resent-cc Resent-Message-ID In-Reply-To References List-Id List-Help List-Unsubscribe List-Subscribe List-Post List-Owner List-Archive); sub process_headers_hash { my $self = shift; my @headers; # these are the header fields we found in the message we're signing my @found_headers = @{ $self->{header_field_names} }; # Convert all keys to lower case foreach my $header ( keys %{ $self->{'ExtendedHeaders'} } ) { next if $header eq lc $header; if ( exists $self->{'ExtendedHeaders'}->{ lc $header } ) { # Merge my $first = $self->{'ExtendedHeaders'}->{ lc $header }; my $second = $self->{'ExtendedHeaders'}->{$header}; if ( $first eq '+' || $second eq '+' ) { $self->{'ExtendedHeaders'}->{ lc $header } = '+'; } elsif ( $first eq '*' || $second eq '*' ) { $self->{'ExtendedHeaders'}->{ lc $header } = '*'; } else { $self->{'ExtendedHeaders'}->{ lc $header } = $first + $second; } } else { # Rename $self->{'ExtendedHeaders'}->{ lc $header } = $self->{'ExtendedHeaders'}->{$header}; } delete $self->{'ExtendedHeaders'}->{$header}; } # Add the default headers foreach my $default (@DEFAULT_HEADERS) { if ( !exists $self->{'ExtendedHeaders'}->{ lc $default } ) { $self->{'ExtendedHeaders'}->{ lc $default } = '*'; } } # Build a count of found headers my $header_counts = {}; foreach my $header (@found_headers) { if ( !exists $header_counts->{ lc $header } ) { $header_counts->{ lc $header } = 1; } else { $header_counts->{ lc $header } = $header_counts->{ lc $header } + 1; } } foreach my $header ( sort keys %{ $self->{'ExtendedHeaders'} } ) { my $want_count = $self->{'ExtendedHeaders'}->{$header}; my $have_count = $header_counts->{ lc $header } || 0; my $add_count = 0; if ( $want_count eq '+' ) { $add_count = $have_count + 1; } elsif ( $want_count eq '*' ) { $add_count = $have_count; } else { if ( $want_count > $have_count ) { $add_count = $have_count; } else { $add_count = $want_count; } } for ( 1 .. $add_count ) { push @headers, $header; } } return join( ':', @headers ); } sub extended_headers { my $self = shift; $self->{'ExtendedHeaders'} = shift; return; } sub headers { my $self = shift; croak 'unexpected argument' if @_; if ( exists $self->{'ExtendedHeaders'} ) { return $self->process_headers_hash(); } # these are the header fields we found in the message we're signing my @found_headers = @{ $self->{header_field_names} }; # these are the headers we actually want to sign my @wanted_headers = @DEFAULT_HEADERS; if ( $self->{Headers} ) { push @wanted_headers, split /:/, $self->{Headers}; } my @headers = grep { my $a = $_; scalar grep { lc($a) eq lc($_) } @wanted_headers } @found_headers; return join( ':', @headers ); } # return nonzero if this is header we should sign sub want_header { my $self = shift; my ($header_name) = @_; #TODO- provide a way for user to specify which headers to sign return scalar grep { lc($_) eq lc($header_name) } @DEFAULT_HEADERS; } sub key { my $self = shift; if (@_) { $self->{Key} = shift; $self->{KeyFile} = undef; } return $self->{Key}; } sub key_file { my $self = shift; if (@_) { $self->{Key} = undef; $self->{KeyFile} = shift; } return $self->{KeyFile}; } sub method { my $self = shift; if ( @_ == 1 ) { $self->{Method} = shift; } return $self->{Method}; } sub selector { my $self = shift; if ( @_ == 1 ) { $self->{Selector} = shift; } return $self->{Selector}; } sub signatures { my $self = shift; croak 'no arguments allowed' if @_; return map { $_->signature } @{ $self->{algorithms} }; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Signer - generates a DKIM signature for a message =head1 VERSION version 1.20200907 =head1 SYNOPSIS use Mail::DKIM::Signer; use Mail::DKIM::TextWrap; #recommended # create a signer object my $dkim = Mail::DKIM::Signer->new( Algorithm => 'rsa-sha1', Method => 'relaxed', Domain => 'example.org', Selector => 'selector1', KeyFile => 'private.key', Headers => 'x-header:x-header2', ); # read an email from a file handle $dkim->load(*STDIN); # or read an email and pass it into the signer, one line at a time while () { # remove local line terminators chomp; s/\015$//; # use SMTP line terminators $dkim->PRINT("$_\015\012"); } $dkim->CLOSE; # what is the signature result? my $signature = $dkim->signature; print $signature->as_string; =head1 DESCRIPTION This class is the part of L responsible for generating signatures for a given message. You create an object of this class, specifying the parameters of the signature you wish to create, or specifying a callback function so that the signature parameters can be determined later. Next, you feed it the entire message using L, completing with L. Finally, use the L method to access the generated signatures. =head2 Pretty Signatures L includes a signature-wrapping module (which inserts linebreaks into the generated signature so that it looks nicer in the resulting message. To enable this module, simply call use Mail::DKIM::TextWrap; in your program before generating the signature. =head1 CONSTRUCTOR =head2 new() Construct an object-oriented signer. # create a signer using the default policy my $dkim = Mail::DKIM::Signer->new( Algorithm => 'rsa-sha1', Method => 'relaxed', Domain => 'example.org', Selector => 'selector1', KeyFile => 'private.key', Headers => 'x-header:x-header2', ); # create a signer using a custom policy my $dkim = Mail::DKIM::Signer->new( Policy => $policyfn, ); The "default policy" is to create a DKIM signature using the specified parameters, but only if the message's sender matches the domain. The following parameters can be passed to this new() method to influence the resulting signature: Algorithm, Method, Domain, Selector, KeyFile, Identity, Timestamp. If you want different behavior, you can provide a "signer policy" instead. A signer policy is a subroutine or class that determines signature parameters after the message's headers have been parsed. See the section L below for more information. See L for more information about policy objects. In addition to the parameters demonstrated above, the following are recognized: =over =item Key rather than using C, use C to use an already-loaded L object. =item Headers A colon separated list of headers to sign, this is added to the list of default headers as shown in in the DKIM specification. For each specified header all headers of that type which are present in the message will be signed, but we will not oversign or sign headers which are not present. If you require greater control over signed headers please use the extended_headers() method instead. The list of headers signed by default is as follows From Sender Reply-To Subject Date Message-ID To Cc MIME-Version Content-Type Content-Transfer-Encoding Content-ID Content-Description Resent-Date Resent-From Resent-Sender Resent-To Resent-cc Resent-Message-ID In-Reply-To References List-Id List-Help List-Unsubscribe List-Subscribe List-Post List-Owner List-Archive =back =head1 METHODS =head2 PRINT() Feed part of the message to the signer. $dkim->PRINT("a line of the message\015\012"); Feeds content of the message being signed into the signer. The API is designed this way so that the entire message does NOT need to be read into memory at once. Please note that although the PRINT() method expects you to use SMTP-style line termination characters, you should NOT use the SMTP-style dot-stuffing technique described in RFC 2821 section 4.5.2. Nor should you use a . sequence to terminate the message. =head2 CLOSE() Call this when finished feeding in the message. $dkim->CLOSE; This method finishes the canonicalization process, computes a hash, and generates a signature. =head2 extended_headers() This method overrides the headers to be signed and allows more control than is possible with the Headers property in the constructor. The method expects a HashRef to be passed in. The Keys are the headers to sign, and the values are either the number of headers of that type to sign, or the special values '*' and '+'. * will sign ALL headers of that type present in the message. + will sign ALL + 1 headers of that type present in the message to prevent additional headers being added. You may override any of the default headers by including them in the hashref, and disable them by giving them a 0 value. Keys are case insensitive with the values being added upto the highest value. Headers => { 'X-test' => '*', 'x-test' => '1', 'Subject' => '+', 'Sender' => 0, }, =head2 add_signature() Used by signer policy to create a new signature. $dkim->add_signature(new Mail::DKIM::Signature(...)); Signer policies can use this method to specify complete parameters for the signature to add, including what type of signature. For more information, see L. =head2 algorithm() Get or set the selected algorithm. $alg = $dkim->algorithm; $dkim->algorithm('rsa-sha1'); =head2 domain() Get or set the selected domain. $alg = $dkim->domain; $dkim->domain('example.org'); =head2 load() Load the entire message from a file handle. $dkim->load($file_handle); Reads a complete message from the designated file handle, feeding it into the signer. The message must use line terminators (same as the SMTP protocol). =head2 headers() Determine which headers to put in signature. my $headers = $dkim->headers; This is a string containing the names of the header fields that will be signed, separated by colons. =head2 key() Get or set the private key object. my $key = $dkim->key; $dkim->key(Mail::DKIM::PrivateKey->load(File => 'private.key')); The key object can be any object that implements the L. (Providing your own object can be useful if your actual keys are stored out-of-process.) If you use this method to specify a private key, do not use L. =head2 key_file() Get or set the filename containing the private key. my $filename = $dkim->key_file; $dkim->key_file('private.key'); If you use this method to specify a private key file, do not use L. =head2 method() Get or set the selected canonicalization method. $alg = $dkim->method; $dkim->method('relaxed'); =head2 message_originator() Access the "From" header. my $address = $dkim->message_originator; Returns the "originator address" found in the message, as a L object. This is typically the (first) name and email address found in the From: header. If there is no From: header, then an empty L object is returned. To get just the email address part, do: my $email = $dkim->message_originator->address; See also L. =head2 message_sender() Access the "From" or "Sender" header. my $address = $dkim->message_sender; Returns the "sender" found in the message, as a L object. This is typically the (first) name and email address found in the Sender: header. If there is no Sender: header, it is the first name and email address in the From: header. If neither header is present, then an empty L object is returned. To get just the email address part, do: my $email = $dkim->message_sender->address; The "sender" is the mailbox of the agent responsible for the actual transmission of the message. For example, if a secretary were to send a message for another person, the "sender" would be the secretary and the "originator" would be the actual author. =head2 selector() Get or set the current key selector. $alg = $dkim->selector; $dkim->selector('alpha'); =head2 signature() Access the generated signature object. my $signature = $dkim->signature; Returns the generated signature. The signature is an object of type L. If multiple signatures were generated, this method returns the last one. The signature (as text) should be B to the message to make the resulting message. At the very least, it should precede any headers that were signed. =head2 signatures() Access list of generated signature objects. my @signatures = $dkim->signatures; Returns all generated signatures, as a list. =head1 SIGNER POLICIES The new() constructor takes an optional Policy argument. This can be a Perl object or class with an apply() method, or just a simple subroutine reference. The method/subroutine will be called with the signer object as an argument. The policy is responsible for checking the message and specifying signature parameters. The policy must return a nonzero value to create the signature, otherwise no signature will be created. E.g., my $policyfn = sub { my $dkim = shift; # specify signature parameters $dkim->algorithm('rsa-sha1'); $dkim->method('relaxed'); $dkim->domain('example.org'); $dkim->selector('mx1'); # return true value to create the signature return 1; }; Or the policy object can actually create the signature, using the add_signature method within the policy object. If you add a signature, you do not need to return a nonzero value. This mechanism can be utilized to create multiple signatures, or to create the older DomainKey-style signatures. my $policyfn = sub { my $dkim = shift; $dkim->add_signature( new Mail::DKIM::Signature( Algorithm => 'rsa-sha1', Method => 'relaxed', Headers => $dkim->headers, Domain => 'example.org', Selector => 'mx1', )); $dkim->add_signature( new Mail::DKIM::DkSignature( Algorithm => 'rsa-sha1', Method => 'nofws', Headers => $dkim->headers, Domain => 'example.org', Selector => 'mx1', )); return; }; If no policy is specified, the default policy is used. The default policy signs every message using the domain, algorithm, method, and selector specified in the new() constructor. =head1 SEE ALSO L =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Algorithm/0000775000175000017500000000000013725344750016266 5ustar marcmarcMail-DKIM-1.20200907/lib/Mail/DKIM/Algorithm/Base.pm0000644000175000017500000001765513725344750017512 0ustar marcmarcpackage Mail::DKIM::Algorithm::Base; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: base class for DKIM "algorithms" # Copyright 2005-2007 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::DKIM::Canonicalization::nowsp; use Mail::DKIM::Canonicalization::relaxed; use Mail::DKIM::Canonicalization::simple; use Mail::DKIM::Canonicalization::seal; use Carp; use MIME::Base64; sub new { my $class = shift; my %args = @_; my $self = bless \%args, $class; $self->init; return $self; } sub init { my $self = shift; croak 'no signature' unless $self->{Signature}; $self->{mode} = $self->{Signature}->signature ? 'verify' : 'sign'; # allows subclasses to set the header_digest and body_digest # properties $self->init_digests; my ( $header_method, $body_method ) = $self->{Signature}->canonicalization; my $header_class = $self->get_canonicalization_class($header_method); my $body_class = $self->get_canonicalization_class($body_method); $self->{canon} = $header_class->new( output_digest => $self->{header_digest}, Signature => $self->{Signature}, Debug_Canonicalization => $self->{Debug_Canonicalization} ); $self->{body_canon} = $body_class->new( output_digest => $self->{body_digest}, Signature => $self->{Signature}, Debug_Canonicalization => $self->{Debug_Canonicalization} ); } # override this method, please... # this method should set the "header_digest" and "body_digest" properties sub init_digests { die 'not implemented'; } # private method - DKIM-specific sub get_canonicalization_class { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($method) = @_; my $class = $method eq 'nowsp' ? 'Mail::DKIM::Canonicalization::nowsp' : $method eq 'relaxed' ? 'Mail::DKIM::Canonicalization::relaxed' : $method eq 'simple' ? 'Mail::DKIM::Canonicalization::simple' : $method eq 'seal' ? 'Mail::DKIM::Canonicalization::seal' : die "unknown method $method\n"; return $class; } sub add_body { my $self = shift; my $canon = $self->{body_canon} || $self->{canon}; $canon->add_body(@_); } sub add_header { my $self = shift; $self->{canon}->add_header(@_); } sub finish_body { my $self = shift; my $body_canon = $self->{body_canon} || $self->{canon}; $body_canon->finish_body; $self->finish_message; } sub finish_header { my $self = shift; $self->{canon}->finish_header(@_); } # checks the bh= tag of the signature to see if it has the same body # hash as computed by canonicalizing/digesting the actual message body. # If it doesn't match, a false value is returned, and the # verification_details property is set to "body has been altered" sub check_body_hash { my $self = shift; # The body_hash value is set in finish_message(), if we're operating # from a version of the DKIM spec that uses the bh= tag. Otherwise, # the signature shouldn't have a bh= tag to check. my $sighash = $self->{Signature}->body_hash(); if ( $self->{body_hash} and $sighash ) { my $body_hash = $self->{body_hash}; my $expected = decode_base64($sighash); if ( $body_hash ne $expected ) { $self->{verification_details} = 'body has been altered'; # print STDERR "I calculated " # . encode_base64($body_hash, "") . "\n"; # print STDERR "signature has " # . encode_base64($expected, "") . "\n"; return; } } return 1; } sub finish_message { my $self = shift; # DKIM requires the signature itself to be committed into the digest. # But first, we need to set the bh= tag on the signature, then # "prettify" it. $self->{body_hash} = $self->{body_digest}->digest; if ( $self->{mode} eq 'sign' ) { $self->{Signature} ->body_hash( encode_base64( $self->{body_hash}, '' ) ); } if ( $self->{mode} eq 'sign' ) { $self->{Signature}->prettify; } my $sig_line = $self->{Signature}->as_string_without_data; my $canonicalized = $self->{canon}->canonicalize_header($sig_line); $self->{canon}->output($canonicalized); } # override this method, please... sub sign { die 'Not implemented'; } sub signature { my $self = shift; @_ and $self->{Signature} = shift; return $self->{Signature}; } # override this method, please... sub verify { die 'Not implemented'; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Algorithm::Base - base class for DKIM "algorithms" =head1 VERSION version 1.20200907 =head1 SYNOPSIS my $algorithm = new Mail::DKIM::Algorithm::rsa_sha1( Signature => $dkim_signature ); # add headers $algorithm->add_header("Subject: this is the subject\015\012"); $algorithm->finish_header; # add body $algorithm->add_body("This is the body.\015\012"); $algorithm->add_body("Another line of the body.\015\012"); $algorithm->finish_body; # now sign or verify... # TODO... =head1 CONSTRUCTOR You should not create an object of this class directly. Instead, use one of the DKIM algorithm implementation classes, such as rsa_sha1: my $algorithm = new Mail::DKIM::Algorithm::rsa_sha1( Signature => $dkim_signature ); =head1 METHODS =head2 add_body() - feeds part of the body into the algorithm/canonicalization $algorithm->add_body("This is the body.\015\012"); $algorithm->add_body("Another line of the body.\015\012"); The body should be fed one "line" at a time. =head2 add_header() - feeds a header field into the algorithm/canonicalization $algorithm->add_header("Subject: this is the subject\015\012"); The header must start with the header field name and continue through any folded lines (including the embedded sequences). It terminates with the at the end of the header field. =head2 finish_body() - signals the end of the message body $algorithm->finish_body Call this method when all lines from the body have been submitted. After calling this method, use sign() or verify() to get the results from the algorithm. =head2 finish_header() - signals the end of the header field block $algorithm->finish_header; Call this method when all the headers have been submitted. =head2 sign() - generates a signature using a private key $base64 = $algorithm->sign($private_key); =head2 signature() - get/set the signature worked on by this algorithm my $old_signature = $algorithm->signature; $algorithm->signature($new_signature); =head2 verify() - verifies a signature $result = $algorithm->verify(); Must be called after finish_body(). The result is a true/false value: true indicates the signature data is valid, false indicates it is invalid. For an invalid signature, details may be obtained from $algorithm->{verification_details} or $@. =head1 SEE ALSO L =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm0000644000175000017500000001026713725344750021007 0ustar marcmarcpackage Mail::DKIM::Algorithm::dk_rsa_sha1; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: Base algorithm class # Copyright 2005-2006 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use Mail::DKIM::Canonicalization::dk_simple; use Mail::DKIM::Canonicalization::dk_nofws; use base 'Mail::DKIM::Algorithm::Base'; use Carp; use MIME::Base64; use Digest::SHA; sub finish_header { my $self = shift; $self->SUPER::finish_header(@_); if ( ( my $s = $self->signature ) && $self->{canon}->{interesting_header} ) { my $sender = $self->{canon}->{interesting_header}->{sender}; $sender = defined($sender) && ( Mail::Address->parse($sender) )[0]; my $author = $self->{canon}->{interesting_header}->{from}; $author = defined($author) && ( Mail::Address->parse($author) )[0]; if ($sender) { $s->init_identity( $sender->address, 'header.sender' ); } elsif ($author) { $s->init_identity( $author->address, 'header.from' ); } } return; } sub get_canonicalization_class { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($method) = @_; my $class = $method eq 'nofws' ? 'Mail::DKIM::Canonicalization::dk_nofws' : $method eq 'simple' ? 'Mail::DKIM::Canonicalization::dk_simple' : die "unknown method $method\n"; return $class; } sub init { my $self = shift; die 'no signature' unless $self->{Signature}; $self->{mode} = $self->{Signature}->signature ? 'verify' : 'sign'; # allows subclasses to set the header_digest and body_digest # properties $self->init_digests; my $method = $self->{Signature}->canonicalization; my $canon_class = $self->get_canonicalization_class($method); $self->{canon} = $canon_class->new( output_digest => $self->{header_digest}, Signature => $self->{Signature}, Debug_Canonicalization => $self->{Debug_Canonicalization} ); } sub init_digests { my $self = shift; # initialize a SHA-1 Digest $self->{header_digest} = Digest::SHA->new(1); $self->{body_digest} = $self->{header_digest}; } sub sign { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($private_key) = @_; my $digest = $self->{header_digest}->digest; my $signature = $private_key->sign_digest( 'SHA-1', $digest ); return encode_base64( $signature, '' ); } sub verify { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); my $base64 = $self->signature->data; my $public_key = $self->signature->get_public_key; my $digest = $self->{header_digest}->digest; my $sig = decode_base64($base64); return $public_key->verify_digest( 'SHA-1', $digest, $sig ); } sub finish_message { my $self = shift; # DomainKeys doesn't include the signature in the digest, # but we still want it to look "pretty" :). if ( $self->{mode} eq 'sign' ) { $self->{Signature}->prettify; } } sub wants_pre_signature_headers { return 0; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Algorithm::dk_rsa_sha1 - Base algorithm class =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Algorithm/rsa_sha1.pm0000644000175000017500000000440513725344750020326 0ustar marcmarcpackage Mail::DKIM::Algorithm::rsa_sha1; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: rsa sha1 algorithm class # Copyright 2005-2006 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Algorithm::Base'; use Carp; use MIME::Base64; use Digest::SHA; sub init_digests { my $self = shift; # initialize a SHA-1 Digest $self->{header_digest} = Digest::SHA->new(1); $self->{body_digest} = Digest::SHA->new(1); } sub sign { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($private_key) = @_; my $digest = $self->{header_digest}->digest; my $signature = $private_key->sign_digest( 'SHA-1', $digest ); return encode_base64( $signature, '' ); } sub verify { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); my $base64 = $self->signature->data; my $public_key = $self->signature->get_public_key; my $sig = decode_base64($base64); my $digest = $self->{header_digest}->digest; return unless $public_key->verify_digest( 'SHA-1', $digest, $sig ); return $self->check_body_hash; } sub wants_pre_signature_headers { return 1; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Algorithm::rsa_sha1 - rsa sha1 algorithm class =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/lib/Mail/DKIM/Algorithm/rsa_sha256.pm0000644000175000017500000000442513725344750020504 0ustar marcmarcpackage Mail::DKIM::Algorithm::rsa_sha256; use strict; use warnings; our $VERSION = '1.20200907'; # VERSION # ABSTRACT: rsa sha256 algorithm class # Copyright 2005-2006 Messiah College. All rights reserved. # Jason Long # Copyright (c) 2004 Anthony D. Urso. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. use base 'Mail::DKIM::Algorithm::Base'; use Carp; use MIME::Base64; use Digest::SHA; sub init_digests { my $self = shift; # initialize a SHA-256 Digest $self->{header_digest} = new Digest::SHA(256); $self->{body_digest} = new Digest::SHA(256); } sub sign { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 1 ); my ($private_key) = @_; my $digest = $self->{header_digest}->digest; my $signature = $private_key->sign_digest( 'SHA-256', $digest ); return encode_base64( $signature, '' ); } sub verify { my $self = shift; croak 'wrong number of arguments' unless ( @_ == 0 ); my $base64 = $self->signature->data; my $public_key = $self->signature->get_public_key; my $digest = $self->{header_digest}->digest; my $sig = decode_base64($base64); return unless $public_key->verify_digest( 'SHA-256', $digest, $sig ); return $self->check_body_hash; } sub wants_pre_signature_headers { return 1; } 1; __END__ =pod =encoding UTF-8 =head1 NAME Mail::DKIM::Algorithm::rsa_sha256 - rsa sha256 algorithm class =head1 VERSION version 1.20200907 =head1 AUTHORS =over 4 =item * Jason Long =item * Marc Bradshaw =item * Bron Gondwana (ARC) =back =head1 THANKS Work on ensuring that this module passes the ARC test suite was generously sponsored by Valimail (https://www.valimail.com/) =head1 COPYRIGHT AND LICENSE =over 4 =item * Copyright (C) 2013 by Messiah College =item * Copyright (C) 2010 by Jason Long =item * Copyright (C) 2017 by Standcore LLC =item * Copyright (C) 2020 by FastMail Pty Ltd =back This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/README0000644000175000017500000000061413725344750013043 0ustar marcmarcThis archive contains the distribution Mail-DKIM, version 1.20200907: Signs/verifies Internet mail with DKIM/DomainKey signatures This software is copyright (c) 2020 by Marc Bradshaw. This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself. This README file was generated by Dist::Zilla::Plugin::Readme v6.014. Mail-DKIM-1.20200907/Changes0000644000175000017500000017634513725344750013475 0ustar marcmarcThis file summarizes what's changed between releases of Mail-DKIM. 1.20200907 2020-09-07 UTC * ARC::Signer: Preserve leading fold from AR (if any) when copying to AAR. Thanks to @dev-aaront-org 1.20200824 2020-08-24 UTC * ARC::Signer: Set cv=none if message contains no ARC headers and no ARC result Thanks to @dev-aaront-org 1.20200724 2020-07-24 UTC * Fix test for change in live dns response 1.20200708 2020-07-08 UTC * Safer internal use of eval 1.20200513.1 2020-05-13 UTC * ARC: When sealing, don't die on an unparsable Authentication-Results header. 0.58 2019-11-13: Marc Bradshaw Thanks to Martin Sluka * Prevent outer $SIG{__DIE__} handlers from being called Thanks to Todd Richmond * Lowercase q tag before use * Lowercase domain check * Strip quotes from PublicKey.pm in addition to other whitespace chars * Fix regex performance issue 0.57 2019-10-08: Marc Bradshaw * Correct the $self->{result_reason} variable name for $self->{details} that is used by the parent class in Mail::DKIM::ARC::Signer 0.56 2019-08-21: Marc Bradshaw * Properly verify the domain, not the instance, of an ARC signature. This allows ARC signatures by keys marked as no subdomains to validate correctly. 0.55 2019-04-12: Marc Bradshaw * The authserv-id of an Authentication-Results header can contain CFWS, Use Mail::AuthenticationResults to parse the authserv-id from this field. * Improve parsing of authserv-id in ARC signer 0.54 2018-10-12: Marc Bradshaw * The T tag on arcseal is not required 0.53 2018-05-27: Marc Bradshaw * Make tests less dependent on local resolver setup * Add thanks to Valimail 0.52 2018-01-12: Marc Bradshaw * Internet connection tests were declared in the wrong order 0.51 2018-01-12: Marc Bradshaw * Fix for older versions of perl * Tests no longer fail with no internet connection 0.50 2017-12-16: Marc Bradshaw * Added Strict mode to DKIM verifier * Code formatting fixes 2017-12-14: John Levine * Make ARC code work a lot better * Add new arcsign.pl and arcverify.pl scripts * ARC code passing all tests and production ready. * Added strict mode to DKIM to reject sha1 and key sizes smaller than 1024 bit. 0.44 2017-10-19: Marc Bradshaw * Added experimental support for ARC 0.43 2017-09-20: Marc Bradshaw * Update tests for new DNS setup 0.42 2017-07-29: Marc Bradshaw * Fix tests failing due to dns changes elsewhere * Moved sample_mime_lite.pl to scripts directory 0.41 2017-04-14: Marc Bradshaw * commit aac893fdbaa7f8ccd5d37fa7f20d1785406cda51 Author: Marc Bradshaw Date: Fri Mar 17 14:53:53 2017 +1100 Avoid use of $_ in read loop RT 106485: Mail::DKIM::PrivateKey->load tampering $_ and * commit 06934f259e392b2a3cf94560e6051d9e522d0bf3 Author: Marc Bradshaw Date: Fri Mar 17 14:44:44 2017 +1100 Ensure PrivateKey file is closed properly. Store PrivateKey file handle in lexical variable and close it once we are done. RT 120638: Mail::DKIM::PrivateKey does not close FILE * commit 9e7c1c4cb78a6cb1cf396ece4379c7ed2c44c974 Author: Marc Bradshaw Date: Fri Feb 27 12:08:11 2015 +1100 Allow greater control over signed headers * commit 8291c034dc7db4394e9df80e70b8cbe8428a38c2 Author: Marc Bradshaw Date: Fri Jan 23 09:54:02 2015 +1100 Allow greater control over which headers are signed by Signer 2013-02-07: Jason Long * lib/Mail/DKIM/Verifier.pm (add_signature): call fetch_public_key() iff the signature passes a validity check; (finish_header): set result to 'invalid' if signature does not have a result * lib/Mail/DKIM/Signature.pm (check_protocol): now returns a list of supported protocols, or an empty list if no supported protocols found. 2013-02-06: Jason Long * t/corpus/good_83176.txt: add new email to test suite; this email contains a signature with a LIST of query methods, one of which is good, but the rest should be quietly ignored. This test currently fails. * lib/Mail/DKIM/Signature.pm (check_protocol): support multiple methods being specified in signatures q= tag. We look for dns/txt to occur anywhere in the field; all other values are ignored. * Fix to better comply with DKIM specification: * DKIM signatures with multiple methods specified in q= tag are now accepted. Such signatures are not known to appear in real life. (rt.cpan.org issue #83176) * Allow greater control over which headers are signed by Signer * Added the extended_headers() method to allow headers to be oversigned, or skipped. * bugfixes: * PrivateKey file is now closed correctly after being read. * Use lexical rather than named file handle 0.40 2013-02-06: Jason Long * lib/Mail/DKIM/DNS.pm: revert change that enabled EDNS0 by default; provide enable_EDNS0() subroutine for enabling EDNS0 * scripts/dkimverify.pl: sample verification script updated to enable EDNS0 before performing the verification 2013-02-06: Jason Long * lib/Mail/DKIM/DNS.pm: set udppacketsize to 1240, which is small enough that packet fragmentation will not normally occur; use DNS txtdata() method on versions of Net::DNS that support it. (This patch contributed by Mark Martinec.) 2013-02-04: Jason Long * lib/Mail/DKIM/DNS.pm: set default udppacketsize to 2048, which seems to be the suggested value to use in the Net::DNS documentation. 2013-02-04: Jason Long * lib/Mail/DKIM/Verifier.pm: avoid an 'uninitialized value' warning when signature being verified is missing a d= tag; accept a selector name of '0' rather than treating it as if the s= tag was missing * lib/Mail/DKIM/PublicKey.pm: sanity check selector/domain before attempting a DNS query (this fixes another 'uninitialized value' warning) * lib/Mail/DKIM/Signature.pm: avoid an 'uninitialized value' warning when calling identity() and d= tag is missing 2013-02-04: Jason Long * lib/Mail/DKIM/DNS.pm: construct a default RESOLVER that sets udppacketsize to 1280. This enables EDNS0 (extension mechanism for DNS), allowing Mail::DKIM to handle larger keys. 2012-11-28: Jason Long * lib/Mail/DKIM/DNS.pm: replace use of query() with send(), since it is never appropriate to append the default domain, and using send() paves the way to using bgsend() in the future for async dns. Contributed by Mark Martinec. * lib/Mail/DKIM/DNS.pm: add global variable $RESOLVER which the user can override if they want to specify options to Net::DNS. 2012-11-28: Jason Long * lib/Mail/DKIM/MessageParser.pm: rewrite of line parsing logic to avoid unnecessary copying of the internal buffer. This replaces use of $self->{buf} with ${ $self->{buf_ref} } in many places. Patch contributed by Mark Martinec. 2012-11-28: Jason Long * lib/Mail/DKIM/Signer.pm: throw proper error message if an invalid algorithm is requested * lib/Mail/DKIM/PublicKey.pm: further refinement to fix Perl warning about use of uninitialized value 2011-04-21: Jason Long * lib/Mail/DKIM/PublicKey.pm: fix a Perl warning about use of an uninitialized value (reported by hsk@fli-leibniz.de) released 2013-02-07 * New/changed functionality: * a single DNS resolver is created for the lifetime of the program, rather than reinitializing the resolver for each new query. * bugfixes: * fix the error message given when an invalid algorithm is specified in the construction of Mail::DKIM::Signer. * avoid Perl warning about use of an undefined value in several places (rt.cpan.org issue #82913). * speed- improved performance of parsing the message into lines (rt.cpan.org issue #77902). Patch by Mark Martinec. * fix DNS queries to use the correct method (txtdata) of Net::DNS (rt.cpan.org issue #83170). Patch by Mark Martinec. * API changes: * global subroutines resolver() or enable_EDNS0() in module Mail::DKIM::DNS can be called to specify non-default options to Net::DNS::Resolver (see also rt.cpan.org issue #80425). 0.39 2010-11-14: Jason Long * lib/Mail/DKIM/Signer.pm: fix an unusual error message given when no Key argument has been specified and it is time to load the key 2010-06-11: Jason Long * t/signer_dk.t: create regression tests for DomainKeys signature generation 2010-06-11: Jason Long * lib/Mail/DKIM/Verifier.pm, Signer.pm, Algorithm/Base.pm (finish_header): provide reference to entire list of headers at completion of header, so that canonicalizers do not need to store their own copy of the header * lib/Mail/DKIM/Canonicalization/DkimCommon.pm: do not store header as parsed, rather only canonicalize header within finish_header() * lib/Mail/DKIM/Canonicalization/DkCommon.pm: do not store header as parsed, rather only canonicalize header within finish_header() * lib/Mail/DKIM/Canonicalization/Base.pm (finish_header): change API * t/simple_canonicalization.t: update for the API change of Canonicalization/Base.pm 2010-06-03: Jason Long * lib/Mail/DKIM/Verifier.pm: prevent abuse- if a message has more than 50 signatures headers, we start ignoring them (it's unreasonable for a message to have more than a very few signature headers). 2010-04-08: Jason Long * t/verifier.t: wrote some tests for DomainKey signatures with empty, missing, or invalid q= tag values * lib/Mail/DKIM/Verifier.pm: move use of check_signature_identity() out of finish_header() and into check_and_verify_signature(); this fixes an issue with getting wrong error codes when q= tag is broken. released 2010-11-14 * bugfixes: * fix issue with getting wrong error codes when q= tag is empty (issue #3011005) * anti-abuse- prevent a message with thousands of signatures from thrashing the whole computer (issue #3010997) * memory usage- significantly reduced memory footprint for processing a message with a large header and many signatures * fix error message given when no KeyFile has been specified (issue #1889690) * API changes: * the Canonicalization::finish_header() method now expects a argument to be passed to it. In the unusual case that you are using this method from your own code, please update your code. 0.38 2010-03-31: Jason Long * lib/Mail/DKIM/DkSignature.pm, Signature.pm: avoid calling lc() on an undefined value (this generates warnings in Perl 5.12.x). Patch contributed by Mark Martinec. 2010-03-01: Jason Long * lib/Mail/DKIM/PrivateKey.pm (load): fix bug where a private key file named '0' could not be loaded 2010-03-01: Jason Long * lib/Mail/DKIM/DkSignature.pm (new): accept Key parameter when constructing a DomainKey signature object 2010-02-27: Jason Long * t/external_signer.t: test use of an alternate object for Key during a "sign" operation 2010-02-24: Jason Long * lib/Mail/DKIM/Signer.pm: document use of an alternate object for PrivateKey objects 2010-02-24: Jason Long * lib/Mail/DKIM/Signer.pm: import PrivateKey.pm in this module, rather than in the Algorithm modules 2010-02-24: Jason Long * lib/Mail/DKIM/PrivateKey.pm: document the sign_digest() method * lib/Mail/DKIM/Algorithm/*: use sign_digest() rather than sign_sha1_digest() 2010-01-23: Jason Long * t/public_key.t: test that DNS failure reason is given, when DNS returns no results * lib/Mail/DKIM/DNS.pm: bugfix (introduced by async_dns branch): preserve $@ in case of no error 2010-01-23: Jason Long * lib/Mail/DKIM/{DNS,Signature,PublicKey,Policy}.pm: merged my "async dns" branch --BEGIN "ASYNC DNS" branch 2009-07-10: Jason Long * lib/Mail/DKIM/Policy.pm: new fetch_async method, seems to work 2009-07-10: Jason Long * lib/Mail/DKIM/Signature.pm: new fetch_public_key method, which starts an asynchronous query for the public key referenced by this signature; redesign get_public_key to know how to complete the query 2009-07-10: Jason Long * lib/Mail/DKIM/PublicKey.pm: new fetch_async method: starts a query and returns a subref that when called will complete the query 2009-07-10: Jason Long * lib/Mail/DKIM/DNS.pm: new query_async method: starts a query and returns a subref that when called will complete the query --END "ASYNC DNS" branch 2009-12-14: Jason Long * MANIFEST: include sample_mime_lite.pl script in tarball 2009-09-08: Jason Long * lib/Mail/DKIM/DNS.pm: restart timer after a DNS lookup; based on a patch contributed by Mark Martinec released 2010-03-31 * New/changed functionality: * DNS lookups can now be started asynchronously; the queries are created as the header is parsed; the results are not actually needed until the entire message has been read. (The Mail::DKIM module does not yet do the queries asynchrously; this is just the infrastructure so that the queries can be asynchronous in the future.) * bugfixes: * DNS lookup overrides alarm() signal (issue #2854325) * documentation updates: * document use of custom PrivateKey object, for external signing * describe how to get "pretty signatures" in Signer.pm 0.37 2009-09-02: Jason Long * t/adsp.t: a test script for checking AuthorDomainPolicy.pm * lib/Mail/DKIM/AuthorDomainPolicy.pm: use d= tag not i= tag when checking for first-party signatures; fix for testing() method not found error; fix for "all" and "discardable" not doing the right thing 2009-08-14: Jason Long * sample_mime_lite.pl: a sample script showing how to use Mail::DKIM with MIME::Lite 2009-07-10: Jason Long * lib/Mail/DKIM/Policy.pm: revert ability for subclasses to override behavior of no-results DNS query * lib/Mail/DKIM/AuthorDomainPolicy.pm: if ADSP record is not found, check whether the domain itself exists * t/policy.t: add a test for the ADSP record causing a DNS error but the domain itself still existing 2009-07-10: Jason Long * t/public_key.t: refine the testing for DNS timeouts and SERVFAIL errors * t/policy.t: add some tests for DNS failures during policy queries * lib/Mail/DKIM/AuthorDomainPolicy.pm: more explicit documentation describing how DNS errors (and NXDOMAIN results) are handled 2009-07-09: Jason Long * lib/Mail/DKIM/Policy.pm: allow subclasses to override behavior when DNS query returns no records * lib/Mail/DKIM/AuthorDomainPolicy.pm: when DNS query returns no records, check the domain itself and possibly die. 2009-07-09: Jason Long * lib/Mail/DKIM/Verifier.pm: wasn't using the right API to get the ADSP policy 2009-07-09: Jason Long * lib/Mail/DKIM/AuthorDomainPolicy.pm, DkimPolicy.pm: changed the format of how methods are documented 2009-07-07: Jason Long * lib/Mail/DKIM/AuthorDomainPolicy.pm, DkimPolicy.pm: add a description of the class to the documentation 2009-06-09: Jason Long * scripts/dkimsign.pl: fix typo in the debugging output 2009-06-09: Jason Long * t/signer.t: test case for bug 2803465: space between header field name and colon cause signature to skip that header * lib/Mail/DKIM/Common.pm (add_header): fix regexp so that a space between the header field name and the colon is not treated as part of the header field name (issue #2803465) 2009-06-02: Jason Long * t/policy.t: test for the as_string() method released 2009-09-08 * New/changed functionality: * ADSP records now check whether the domain itself exists, in accordance to the ADSP specification * bugfixes: * fixed regexp used to detect header field names (issue #2803465) * various fixes to ADSP checking 0.36 2009-06-02: Jason Long * lib/Mail/DKIM/Policy.pm (as_string): restore this method which was accidentally removed in 0.34. released 2009-06-02 * API changes: * restore the as_string() method which was accidentally removed in version 0.34 0.35 2009-05-22: Jason Long * t/signer.t: add a test-case of a message with 10000's of blank lines; this seems to DoS the canonicalization routines * lib/Mail/DKIM/Canonicalization/{simple,relaxed,dk_simple}.pm: fix for bug reported on amavis-user list, patch provided by Mark Martinec. Thanks! released 2009-05-22 * bugfixes: * fixed a runaway regular expression in the canonicalization routines (patch provided by Mark Martinec) 0.34 2009-05-20: Jason Long * lib/Mail/DKIM.pm: rewrite the description section of the Mail::DKIM man page * lib/Mail/DKIM/Verifier.pm: document fetch_author_domain_policies() * Makefile.PL: release 0.34 2009-05-18: Jason Long * t/signer.t: add a test-case of a message without a header * lib/Mail/DKIM/Common.pm (init): initialize variables used by methods in this class; fixes RT.CPAN.ORG bug #46179 2009-04-04: Jason Long * lib/Mail/DKIM/Verifier.pm (fetch_author_domain_policies): new method for fetching ADSP records for a particular message 2009-04-03: Jason Long * lib/Mail/DKIM/DkPolicy.pm: moved the DomainKeys-specific policy stuff from Policy.pm to here * t/policy.t: change tests to use DkPolicy instead of Policy * lib/Mail/DKIM/Verifier.pm (fetch_sender_policy): use DkPolicy class instead of Policy class 2009-04-03: Jason Long * lib/Mail/DKIM/AuthorDomainPolicy.pm: first draft of ADSP support 2009-04-03: Jason Long * lib/Mail/DKIM/Verifier.pm: rename fetch_policies() to policies() * scripts/dkimverify.pl: replace use of fetch_policies() with policies() 2009-03-30: Jason Long * lib/Mail/DKIM/Verifier.pm: document a "temperror" result, which I will soon provide support for 2009-03-30: Jason Long * t/verifier.t: add support for testing DNS failures; add tests for detail messages of public key errors * t/verifier.t: add some tests of DNS failures 2009-03-30: Jason Long * lib/Mail/DKIM/Signature.pm (get_public_key): remember errors and always report them the same way 2009-03-30: Jason Long * lib/Mail/DKIM/Policy.pm, DkPolicy.pm: new method "name" to give a short name of the policy * scripts/dkimverify.pl: use the new fetch_policies() api to list the results of applicable policies 2009-03-24: Jason Long * lib/Mail/DKIM/Verifier.pm (fetch_policies): new method for fetching all applicable policies, and is guaranteed not to "die". 2009-03-24: Jason Long * lib/Mail/DKIM/DNS.pm: use a global variable to specify what Timeout to use * lib/Mail/DKIM/DNS.pm: detect DNS resolver errors and report them * t/public_key.t: test various DNS failures 2009-03-10: Jason Long * t/simple_canonicalization.t: fix simple-canonicalization test, which broke when I removed support for prestandardized DKIM signatures 2009-03-10: Jason Long * lib/Mail/DKIM/Algorithm/*, lib/Mail/DKIM/Canonicalization/*, lib/Mail/DKIM/Signature.pm, t/verifier.t: remove support and tests for the prestandardized DKIM signatures (issue #1871948) * Makefile.PL: bump version released 2009-05-20 * New/changed functionality: * support for ADSP (author-domain-signing-practices) records * removed support for pre-standardized DKIM signatures (i.e. these are DKIM signatures without a v= or bh= tag). * DNS resolver errors are detected and reported as such * API changes: * renamed Mail::DKIM::Policy to Mail::DKIM::DkPolicy. Programs using the former name to create policy objects directly (though it would be more expected to fetch the objects through Mail::DKIM::Verifier) should update their code * new policies() method in Mail::DKIM::Verifier for fetching all applicable sender/author signing policies * bugfixes: * Signer object would die if first line of input wasn't a header (rt.cpan.org issue #46179) 0.33 2009-03-10: Jason Long * Makefile.PL: release "0.33" 2008-11-19: Jason Long * lib/Mail/DKIM/Signature.pm, DkSignature.pm (DEFAULT_PREFIX): new method which determines what prefix to use in as_string, prettify, etc. * lib/Mail/DKIM/KeyValueList.pm (wrap): when splitting the h= field, only allow breaks prior to ':' symbols 2008-11-19: Jason Long * t/signature.t: further checks for prettify signatures (found a case where the new code caused a regression) * lib/Mail/DKIM/TextWrap.pm (flush): remember to update cur position when flushing text; use a "may_break" internal variable to know whether a linebreak is acceptable; other fixes * t/textwrap.t: another test case illustrating failure in TextWrap.pm * lib/Mail/DKIM/KeyValueList.pm (wrap): call flush() right after the ';' character; this is a further fix for #2257046. 2008-11-10: Jason Long * lib/Mail/DKIM/TextWrap.pm (flush): new method to explicitly allow a break at the current point in the string * lib/Mail/DKIM/KeyValueList.pm (wrap): call flush() whenever changing TextWrap parameters (this should complete the fix for #2257046) 2008-11-06: Jason Long * t/signature.t: test Mark Martinec's bad-signature-wrapping bug 2008-11-06: Jason Long * t/verifier.t: use a "fake" dns implementation, so that this test will pass no matter the user's state of dns 2008-11-06: Jason Long * lib/Mail/DKIM/DNS.pm (query): changed API so that it now returns a list of Net::DNS::RR objects, rather than a Net::DNS::Packet object. * lib/Mail/DKIM/Policy.pm: update for the change to the DNS.pm api. * lib/Mail/DKIM/PublicKey.pm: update for the change to the DNS.pm api. 2008-11-06: Jason Long * lib/Mail/DKIM/Signature.pm (encode_qp, decode_qp): suppress a warning about an uninitialized value * lib/Mail/DKIM/Common.pm (message_originator, message_sender): if a From/Sender line is present, but blank, still return a valid object (issue #2126559) * t/public_key.t: new test to check for DNS problems released 2009-03-10 * bugfixes: * signature wrapping would sometimes cause improper preparation of DKIM signatures, with "simple" canonicalization (issue #2257046) * test scripts: * the included corpus is now verified using a fake-DNS resolver, which means the test corpus can validate even when your DNS servers are really slow 0.32 2008-05-09: Jason Long * lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm: when populating a DomainKey signature's identity, record where the identity came from * lib/Mail/DKIM/DkSignature.pm (identity_source): make the source of the identity (i.e. sender header or from header) available as a method 2008-05-09: Jason Long * lib/Mail/DKIM/Signature.pm (identity): do quoted-printable encoding/ decoding for the i= tag (issue #1839015) * t/corpus/good_qp_1.txt, good_qp_2.txt, good_qp_3.txt: three test files for identities using quoted-printable encoding 2008-04-14: Jason Long * lib/Mail/DKIM/Signature.pm: documentation for get_tag() 2008-04-14: Jason Long * lib/Mail/DKIM/PublicKey.pm (check_granularity): do case-sensitive comparison (issue #1938112) 2008-04-14: Jason Long * t/corpus/badkey_12.txt: fix g= case-sensitivity test so it won't give false positives on dkim-milter * t/corpus/badkey_13.txt: test that the verifier checks granularity against i= tag, not the From header 2008-04-14: Jason Long * lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm, rsa_sha1.pm: replace use of Digest::SHA1 with equivalent Digest::SHA * Makefile.PL: remove requirement for Digest::SHA1 2008-04-14: Jason Long * Makefile.PL: bump version released 2008-06-03 * removed requirement for Digest::SHA1 (issue #1832549). We now use the more capable Digest::SHA module for SHA-1 and SHA-256. * bugfixes: * granularity checking should be case-sensitive (issue #1938112). * identity tag now uses quoted-printable encoding (issue #1839015). * API improvement: * implemented identity_source() for DkSignature objects 0.31 2008-04-08: Jason Long * lib/Mail/DKIM/PrivateKey.pm: allow Cork argument to new() (#1879209) 2008-04-07: Jason Long * lib/Mail/DKIM/DkimPolicy.pm: fix "use of uninitialized value in string" errors * lib/Mail/DKIM/Signature.pm: provide public API to public-key object of signatures, e.g. so its flags can be accessed (issue #1879215); also, if an error occurs fetching the public-key record, the failure is cached so it won't get tried again * lib/Mail/DKIM/Signer.pm: document how to create a DomainKey-Signature 2008-02-20: Jason Long * lib/Mail/DKIM/TextWrap.pm: implement BreakBefore option; provided a bunch of documentation for this module * t/textwrap.t: tests new functionality of TextWrap * lib/Mail/DKIM/KeyValueList.pm: colon-separated lists are now "wrapped" with colons appearing at the beginning of the next line instead of at the end of the current line (hoping this will fix #1868648) 2008-02-06: Jason Long * lib/Mail/DKIM/Signature.pm: conserve space by omitting "c=simple" and "q=dns/txt" (#1878518) 2008-02-06: Jason Long * lib/Mail/DKIM/Canonicalization/DkCommon.pm, DkimCommon.pm: bugfix for issue #1878954 (undef value used as an ARRAY ref) * lib/Mail/DKIM/Canonicalization/DkCommon.pm: some cleanup, possible bugfix for verifying message with two+ DomainKey signatures * lib/Mail/DKIM/Verifier.pm: allow caller of fetch_author_policy() to specify domain (#1879197) * lib/Mail/DKIM/PrivateKey.pm: cleanup- indentation style; throw error on load() if missing argument 2008-01-24: Jason Long * lib/Mail/DKIM/DkimPolicy.pm, Policy.pm, PublicKey.pm, Verifier.pm: fix parsing regexes used to split email address into localpart and domain (issue #1878994) 2008-01-10: Jason Long * Makefile.PL: bump version * lib/Mail/DKIM/Signature.pm: make sure all public key problems are prefixed with "public key:" (most were already, see below for actual changes) * lib/Mail/DKIM/PublicKey.pm: since Signature.pm is providing the "public key:" prefix, it can be omitted in PublicKey.pm error messages * lib/Mail/DKIM/Verifier: the following result_detail messages have changed: "no public key available" => "public key: not available" "key value list syntax error" => "syntax error" or "public key: syntax error" * t/verifier.t: test that "public key" is mentioned released 2008-04-14 * some error detail messages were changed (see ChangeLog, 2008-01-10 entry) * by default, and when possible, DKIM signatures now omit c= and q= tags (they are optional tags) (issue #1878518) * DKIM and DomainKey signatures are now wrapped so that line breaks occur before colon (':') separators instead of after; this avoids confusing some broken MUAs (issue #1868648) * bugfixes: * "undef value" error when DKIM signature appears at end of header (issue #1878954) * use proper regexp for splitting email address (issue #1878994) * API improvements: * can specify a domain for fetch_author_policy() (issue #1879197) * can access a signature's public-key object (issue #1879215) * can specify an OpenSSL-private-key object for PrivateKey->new() (issue #1879209) 0.30.1 2008-01-24: Jason Long * lib/Mail/DKIM/Algorithm/*: implement wants_pre_signature_headers() for each algorithm * lib/Mail/DKIM/Verifier.pm: if the algorithm "wants_pre_signature_headers", then feed headers found prior to the signature to the signature-specific algorithm doing the verification. This fixes an issue where signatures from cisco.com fail to verify (reported by Mark Martinec). released 2008-01-24 * bugfix: * email from cisco.com was failing to verify (issue #1878523) 0.30 2007-12-10: Jason Long * lib/Mail/DKIM/Verifier.pm (is_subdomain): do case-insensitive comparison * t/corpus/good_dk_7.txt: tests DK signature with domain names that differ only in case * t/corpus/good_rfc4871_4.txt: tests DKIM signature with i= and d= contain domain names differing in case * t/corpus/badkey_12.txt: tests public key where i=JLong, g=jl*ng 2007-12-07: Jason Long * t/verifier.t: three new DK tests * t/corpus/good_dk_6.txt: tests DK signature without h= tag * t/corpus/bad_dk_2.txt: tests DK signature w/o h= tag, Sender has been added * t/corpus/dk_multiple_1.txt: tests two DK signatures (with different domains) in a single message... both should pass * Makefile.PL: version bump 2007-12-07: Jason Long * lib/Mail/DKIM/Verifier.pm, lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm, lib/Mail/DKIM/Canonicalization/DkCommon.pm: domainkeys: determine identity from algorithm object. Currently the DomainKeys identity is determined by the Verifier. It is theoretically possible for two different DomainKeys signatures on the same message to have different identities. (This happens when one DomainKey signature includes a Sender header, and the other one does not.) This patch moves the determination of identity to the algorithm object. 2007-12-07: Jason Long * lib/Mail/DKIM/Verifier.pm, lib/Mail/DKIM/Common.pm: initialize signatures early. This patch makes Mail::DKIM::Verifier initialize and check the signature object as soon as it is parsed, and subsequent headers are fed into the algorithm as they are read, instead of waiting for the end of header. * lib/Mail/DKIM/Verifier.pm: fix DK identity. The previous patch broke identity-checking for DomainKeys signatures. This patch moves some things around so that identity checking still works. 2007-12-07: Jason Long * lib/Mail/DKIM/Verifier.pm (add_signature): changed to take a signature object, instead of an unparsed header line 2007-11-21: Jason Long * t/corpus/bad_dk_2.txt renamed to dk_headers_2.txt: revert this rename from earlier... the message should "pass" after all (the Sender header was not part of the signature) 2007-11-21: Jason Long * lib/Mail/DKIM/Signer.pm: provide documentation for Key parameter * lib/Mail/DKIM/PrivateKey.pm: created documentation for this package * lib/Mail/DKIM/Signature.pm: implement Key parameter for constructor, and key() method to get/set the private key 2007-11-14: Jason Long * lib/Mail/DKIM/Verifier.pm: for DomainKeys signatures, use the message sender as the identity * lib/Mail/DKIM/DkSignature.pm: allow verifier to supply the signing identity * lib/Mail/DKIM/Verifier.pm, PublicKey.pm: hack for allowing DomainKeys signatures to use public keys with empty g= tags 2007-11-14: Jason Long * lib/Mail/DKIM/Verifier.pm, Signer.pm: update documentation for message_sender() and message_originator() methods, which are now guaranteed to return an object * lib/Mail/DKIM/Common.pm (message_sender, message_originator): always return a Mail::Address object, even if the relevant headers were not found * t/corpus/dk_headers_2.txt renamed to bad_dk_2.txt: it turns out this message should've been failing all along, since the Sender header doesn't match the domain of the signature * lib/Mail/DKIM/Verifier.pm: slight change to the "unsupported version" detail message (don't want nested parenthesis) 2007-11-14: Jason Long * t/corpus/goodkey_4.txt: tests signature with i=a@b, public key implied g= * lib/Mail/DKIM/PublicKey.pm (check_granularity): fixed broken ends-with check, reported by Mark Martinec * t/corpus/good_dk_3.txt, good_dk_4.txt, good_dk_5.txt: these files test DomainKeys signatures with g= values in the public keys * t/corpus/bad_dk_1.txt: this one should fail, since the signature domain does not match the From/Sender header * scripts/dkimsign.pl: added option to override signature's d= tag * t/corpus/badkey_11.txt: tests a valid, but unmatched h= in public key 2007-11-08: Jason Long * lib/Mail/DKIM/Canonicalization/relaxed.pm, lib/Mail/DKIM/Canonicalization/nowsp.pm, lib/Mail/DKIM/Canonicalization/DkCommon.pm, lib/Mail/DKIM/Canonicalization/dk_simple.pm, lib/Mail/DKIM/Canonicalization/simple.pm, lib/Mail/DKIM/Canonicalization/dk_nofws.pm, lib/Mail/DKIM/Canonicalization/DkimCommon.pm, lib/Mail/DKIM/MessageParser.pm: more speed-up optimizations by Mark Martinec, now multiple lines at once can be fed into the canonicalization bits 2007-11-08: Jason Long * Makefile.PL, others: version bump to 0.30 2007-11-08: Jason Long * lib/Mail/DKIM/Signature.pm: minor doc edit * scripts/dkimsign.pl: generate "pretty" signatures; die on unrecognized signature type 2007-11-07: Jason Long * lib/Mail/DKIM/Algorithm/Base.pm: cleanup (delete commented-out code) * lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm (finish_message): fix bug where DomainKeys signatures were not "pretty", reported by Byung-Hee HWANG. 2007-11-07: Jason Long * lib/Mail/DKIM/Signature.pm: allow Timestamp to be specified to new() * lib/Mail/DKIM/Signer.pm: allow Timestamp to be specified to new(), requested by Mark Martinec * t/signer.t: test timestamp creation 2007-11-06: Jason Long * lib/Mail/DKIM/Canonicalization/simple.pm, lib/Mail/DKIM/Canonicalization/Base.pm, lib/Mail/DKIM/MessageParser.pm: speedup optimizations contributed by Mark Martinec. * lib/Mail/DKIM/Canonicalization/dk_simple,pm lib/Mail/DKIM/Canonicalization/relaxed.pm: more speed up optimizations by Mark Martinec. released 2008-01-10 * includes speed-up optimizations by Mark Martinec * DomainKeys, implement proper identity matching... a DomainKey-Signature's domain should match the From/Sender address * several more test cases * API improvements: * accept additional arguments when creating Signer/Signature * bugfixes: * DomainKey-Signature headers were not "prettified" * granularity ending with '*' was not checked correctly * DomainKey-Signature granularity was checked against the wrong value 0.29 2007-11-07: Jason Long * lib/Mail/DKIM/Verifier.pm: signatures() is now public 2007-10-30: Jason Long * t/corpus/good_rfc4871_3.txt: to test extra tags in signature * scripts/dkimsign.pl: allow user to specify arbitrary extra tags for putting in the signature * lib/Mail/DKIM/MessageParser.pm: make "not implemented" messages more helpful * t/corpus/badkey_10.txt: to test key with t=s * lib/Mail/DKIM/Verifier.pm: allow check_granularity() to return different detail messages; describe two additional result_detail possibilities * lib/Mail/DKIM/PublicKey.pm (check_granularity): check for empty g= value; check for subdomain usage; (subdomain_flag): helper method to look for "s" in flags (flags): return default value if no t= tag 2007-10-26: Jason Long * t/corpus/badkey_9.txt: to test empty g= in selector * t/corpus/ignore_8.txt: to test bad i= value in signature * lib/Mail/DKIM/Verifier.pm: check signature identity value 2007-10-24: Jason Long * t/corpus/badkey_8.txt, ignore_5.txt, ignore_6.txt: fix signature so it would verify if not for the flaw in the public key * scripts/dkimsign.pl: allow key protocol to be specified on command line * lib/Mail/DKIM/Verifier.pm: update documentation on possible error codes * lib/Mail/DKIM/PublicKey.pm: cleanup error code 2007-10-24: Jason Long * t/corpus/badkey_*.txt: changed subjects to indicate which test it is * t/corpus/badkey_7.txt, badkey_8.txt, goodkey_1.txt, goodkey_2.txt, goodkey_3.txt: additional tests of public key features * t/corpus/verifier.t: test the new test messages * lib/Mail/DKIM/Verifier.pm (check_public_key): check key granularity and report the problem if it doesn't match * lib/Mail/DKIM/PublicKey.pm (check_granularity): a method for testing the granularity (granularity): return the default value of '*' if g= not defined * scripts/dkimsign.pl: ability to set i= tag from command-line 2007-10-24: Jason Long * lib/Mail/DKIM/Verifier.pm (check_signature): do signature version check here (finish_header): report invalid signature details to the signature object (signatures): return all parsed signatures, not just "valid" signatures * lib/Mail/DKIM/Signature.pm: some misc. cleanup (check_version): version check is now a separate method, rather than being part of parse() * lib/Mail/DKIM/DkSignature.pm (check_version): always true * t/corpus/multiple_2.txt: a message testing multiple signatures with different results * t/verifier.t: verify that each signature's results are available and correct 2007-10-24: Jason Long * t/corpus/ignore_7.txt: a message with an expired signature * lib/Mail/DKIM/Signature.pm: recognize Expiration as a parameter * scripts/dkimsign.pl: make it possible to create a signature with an x= tag * t/verifier.t: test ignore_7.txt message, should "ignore" * lib/Mail/DKIM/Verifier.pm: check signature expiration when verifying * lib/Mail/DKIM/Signature.pm (check_expiration): new method 2007-10-08: Jason Long * lib/Mail/DKIM/Signer.pm: use "Key" property instead of "private" to store the private key; new methods key() and key_file(); allow each signature to have its own private key * t/signer_policy.t: test specifying a key file in a policy 2007-10-04: Jason Long * lib/Mail/DKIM/MessageParser.pm: return nonzero for PRINT and CLOSE * lib/Mail/DKIM/DkSignature.pm: make expiration() for DomainKey-Signature behave more compatibly with expiration() for DKIM-Signature * lib/Mail/DKIM/Verifier.pm: remove dependency on Error module * README: what I'm interested in if make test fails * lib/Mail/DKIM/Signer.pm: fix bug reported by dairiki, who noticed that the Signer class ignored the signature-specified algorithm when building the algorithm object * scripts/dkimsign.pl: update POD a bit * scripts/dkimverify.pl: add POD * lib/Mail/DKIM/Canonicalization/Base.pm, Algorithm/Base.pm: add see also, author, copyright sections to POD * lib/Mail/DKIM/Algorithm/rsa_sha1.pm, rsa_sha256.pm: remove useless pod * ...and others...: inline documentation (POD) cleanup 2007-10-03: Jason Long * lib/Mail/DKIM/Canonicalization/DkCommon.pm: attempt at making the header handling algorithm easier to understand * t/signer.t: test case for unreadable private key * lib/Mail/DKIM/PrivateKey.pm: die if unable to open private key file * lib/Mail/DKIM/Signer.pm: no more need for a separate existance check on the private key filename * lib/Mail/DKIM/Signature.pm: allow Identity to be specified in new() * lib/Mail/DKIM/Signer.pm: allow Identity to be specified in new() * t/signer.t: test that specifying Identity works 2007-10-02: Jason Long * lib/Mail/DKIM/Canonicalization/DkCommon.pm: there are some varying opinions about how to verify DomainKey-signed messages when there is an h= tag and the headers are in a different order... this is an attempt at making our verifier more compatible with other implementations * dk_headers.txt: some notes on multiple-occuring headers 2007-09-06: Jason Long * lib/Mail/DKIM/Policy.pm (get_lookup_name): new method that determines the name of the record to lookup * lib/Mail/DKIM/DkimPolicy.pm: no longer need to override fetch(), now it just overrides get_lookup_name() released 2007-11-08 * verifiers can now access all parsed signatures and their results, not just signatures that were fully tested * signer policies can now specify what private key file to use * some other minor API improvements * bugfixes: * for DomainKeys signatures, fixed a compatibility issue handling the h= tag * for DKIM, signature expirations had been ignored * for DKIM, signature identities did not have to match the domain * for DKIM, public key granularity field had been ignored 0.28 2007-07-31: Jason Long * Makefile.PL: OpenSSL 0.23 segfaults on certain signatures, so the requirement is now Crypt::OpenSSL::RSA 0.24 or better * lib/Mail/DKIM/KeyValueList.pm: don't split the header in the middle of a tag name released 2007-07-31 * fixed a bug with line-wrapping a signature at the wrong place 0.27 2007-07-25: Jason Long * lib/Mail/DKIM/Signature.pm (identity_matches): new method to help comparing a From/Sender address with the signature identity * lib/Mail/DKIM/DkimPolicy.pm, Policy.pm: use identity_matches function 2007-07-18: Jason Long * lib/Mail/DKIM/Verifier.pm: changed fetch_policy() back to fetch_author_policy(); added fetch_sender_policy(); save results for each signature * lib/Mail/DKIM/Policy.pm: now implements just Dk policies * lib/Mail/DKIM/DkimPolicy.pm: a new module for DKIM signing practices * lib/Mail/DKIM/Signature.pm: can now get/set the verification result for each signature * scripts/dkimsign.pl: handle DOS-formated input * scripts/dkimverify.pl: show multiple signatures' results; show both policy results 2007-06-11: Jason Long * lib/Mail/DKIM/Verifier.pm: public_key no longer available as a verifier property; use eval block instead of try...otherwise; experimental signatures() method * lib/Mail/DKIM/Verifier.pm: added description section to Perldocs; replaced a couple try...otherwise blocks with eval blocks 2007-06-08: Jason Long * policies.txt: some thoughts on dealing with two different types of policy records * lib/Mail/DKIM/Policy.pm: default() is now a private class method * lib/Mail/DKIM/PublicKey.pm: moved DNS query to DNS.pm * lib/Mail/DKIM/Policy.pm: moved DNS query to DNS.pm * lib/Mail/DKIM/DNS.pm: new module that does the common DNS lookups 2007-06-07: Jason Long * lib/Mail/DKIM/Common.pm: change "parse Mail::Address" to my preferred "Mail::Address->parse" style * t/policy.t: test policy lookup by email address instead of domain; test policy lookups on a few well known domains * lib/Mail/DKIM/Verifier.pm: minor doc changes; renamed fetch_author_policy() to fetch_policy(); fetch_author_policy still works for backward compatibility * lib/Mail/DKIM/Policy.pm: allow lookups given sender/from addresses (location): new method to determine where the policy came from 2007-06-05: Jason Long * lib/Mail/DKIM/Policy.pm: create the default policy only once; (is_implied_default_policy): new method to check whether the policy was explicit or implied (fetch): get policy record at the Yahoo!-DomainKeys-defined location, rather than the location in the not-yet-finished DKIM SSP spec. * t/policy.t: test is_implied_default_policy method released 2007-07-25 * Sender signing policies are now better implemented * Both Yahoo! DomainKeys signing policies and the under-development IETF DKIM signing policies are supported * Yahoo! DomainKeys policies can protect the Sender: header * DKIM signing policies can protect the From: header Look at Mail::DKIM::Verifier's fetch_author_policy() and fetch_sender_policy() methods for hints. 0.26 2007-05-24: Jason Long * lib/Mail/DKIM/Signature.pm: accept and use v=1 tag instead of v=0.5 * lib/Mail/DKIM/Policy.pm: oops, left a syntax error in here * t/signer.t: new expected signature value, since signature now has v=1 2007-05-10: Jason Long * lib/Mail/DKIM/PublicKey.pm: simplify error handling in fetch() * lib/Mail/DKIM/Policy.pm: simplify error handling in fetch() released 2007-05-24 * recognize and generate v=1 signatures (DKIM is now RFC 4871) 0.25 2007-05-10: Jason Long * lib/Mail/DKIM/KeyValueList.pm: separator should be "\015\012" not "\n"; allow splitting on whitespace in a colon-separated list value * Makefile.PL: it seems version 0.22 or better is required of Crypt::OpenSSL::RSA 2007-05-01: Jason Long * t/signature.t: test prettify_safe() * lib/Mail/DKIM/TextWrap.pm: new wrapping module to help with prettifying the signature * lib/Mail/DKIM/KeyValueList.pm (wrap): new method to help wrap the signature * lib/Mail/DKIM/Signature.pm: wrap the signature * lib/Mail/DKIM/Algorithm/Base.pm: oops, prettify() should only be called when we're _making_ the signature * lib/Mail/DKIM/KeyValueList.pm (wrap): only do something if TextWrap has been loaded (no longer automatically load it) * lib/Mail/DKIM/Signature.pm (prettify): better default value for Start 2007-04-16: Jason Long * t/signature.t: test that prettify() doesn't choke * lib/Mail/DKIM/Algorithm/Base.pm: call prettify() before hashing the signature header * lib/Mail/DKIM/Signer.pm: call prettify_safe() after generating the signature data * lib/Mail/DKIM/Signature.pm: stubs for prettify() and prettify_safe() * lib/Mail/DKIM/KeyValueList.pm: parse() can now be called on an existing key-value-list to regenerate the tag data from a string 2007-04-15: Jason Long * lib/Mail/DKIM/PublicKey.pm: bug fix- if Net::DNS caused an exception, there was a race condition for resetting the alarm * lib/Mail/DKIM/Signer.pm: limit which headers are signed * t/signer.t: test that undesirable headers are not signed released 2007-05-10 * we now only sign headers that IETF recommends for signing * it's now possible to "prettify" outgoing signatures, but this feature is not enabled by default. To enable, do a "use Mail::DKIM::TextWrap" in your program that signs messages. (This may change in a future release.) 0.24 2007-03-09: Jason Long * lib/Mail/DKIM/PublicKey.pm, lib/Mail/DKIM/Signature.pm, lib/Mail/DKIM/KeyValueList.pm: fix for linebreaks in public key data; provided by Mark Martinec. * lib/Mail/DKIM/Signature.pm: fix default value q=dns/txt; this fixes a bug for DKIM signatures without q= tags * t/verifier.t: added six new tests that test problems with the public key (e.g. revoked, syntax, etc.) released 2007-03-13 * fixes two bugs, see ChangeLog for details * fixed a bug with public keys (in DNS) containing linebreak characters * fixed a bug with DKIM signatures not including the optional q= tag 0.23 2007-02-22: Jason Long * lib/Mail/DKIM/PublicKey.pm: catch certain OpenSSL errors; tweak diagnostics * lib/Mail/DKIM/Verifier.pm: changed OpenSSL error catching code to match that found in PublicKey; document more possible diagnostic codes * lib/Mail/DKIM/Signature.pm: tweaked diagnostics for missing public key * Makefile.PL: check for Test::Simple, which is required for `make test' 2007-02-21: Jason Long * t/signer_policy.t: signature should still work even if no value is returned from signer policy * t/signer.t: now uses v=0.5 signature, which changes the signature * t/verifier.t: added three tests of empty body messages * lib/Mail/DKIM/Signer.pm: fixed bug where if signer policy was a sub ref, and didn't return a true value, the message would get skipped * lib/Mail/DKIM/Canonicalization/simple.pm: argh, hack for handling empty body * lib/Mail/DKIM/MessageParser.pm: fixed bug in handling of messages without bodies * lib/Mail/DKIM/Signature.pm: output v=0.5 signatures now * scripts/dkimsign.pl: new --binary option to disable line-ending conversion 2007-02-19: Jason Long * lib/Mail/DKIM/DkSignature: provide default value for a= tag (thanks to mark.martinec@ijs.si for the patch) * t/corpus/good_dk_2.txt: test for missing q= and a= tags on DomainKey signature 2007-02-09: Jason Long * lib/Mail/DKIM/Verifier.pm, DkSignature.pm: better diagnostic messages; allow missing q= tag for domainkey signatures (thanks to mark.martinec@ijs.si for the patch) released 2007-02-22 * fixes some issues with verifying DomainKeys signatures * generate newer-style DKIM signatures (with v=0.5 tag) * fixed some bugs related to handling messages with no body * improved diagnostic messages for certain cases 0.22 2007-01-19: Jason Long * t/verifiter.t: relaxed the OpenSSL check a little more * DKIM.pm, README, others: updated copyright to include 2007; updated abstract to include DomainKeys; updated version number 2007-01-19: Jason Long * lib/Mail/DKIM/Verifier.pm: in case of unsupported algorithm, canonicalization method, or key protocol, list the bad protocol in the error message to make diagnosing easier * lib/Mail/DKIM/DkSignature.pm: fix a use-of-undefined-scalar bug 2007-01-17: Jason Long * t/verifier.t: fixed testing bug that was too strict about what error message OpenSSL generates * lib/Mail/DKIM/Verifier.pm: handle OpenSSL panic message better released 2007-01-19 * fixes a couple very minor bugs * some cosmetic changes to error messages 0.21 2006-11-27: Jason Long * t/verifier.t: test domainkey message with trailing blank line * lib/Mail/DKIM/Canonicalization/dk_nofws.pm: fixed bug where DomainKey- signed message with trailing blank line was not canonicalized correctly, reported by Mark Martinec. 2006-11-13: Jason Long * t/verifier.t: test invalid signature length * lib/Mail/DKIM/Verifier.pm: fixed bug where OpenSSL error was not reported by moved "local $@" outside try block, thanks to Mark Martinec for finding this; detect OpenSSL error and clean up the error message released 2006-11-29 * fixes two bugs, see ChangeLog for details 0.20 2006-10-24: Jason Long * t/signer_policy.t, t/signer.t: use new() instead of new_object() * lib/Mail/DKIM/Algorithm/Base.pm: allow debugging body canonicalization * lib/Mail/DKIM/MessageParser.pm: removed problematic check for "control characters" * scripts/dkimsign.pl: document --type argument; replace signer policy class with signer policy subroutine 2006-10-23: Jason Long * lib/Mail/DKIM/Signer.pm: bugfix - signatures weren't setup correctly when policy built the signature * lib/Mail/DKIM/Signature.pm: bugfix - empty headerlist should return empty list * lib/Mail/DKIM/Canonicalization/Base.pm: moved support for Debug_Canonicalization here from Algorithm/* * lib/Mail/DKIM/Algorithm/Base.pm: removed Debug_Canonicalization support * lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm: removed Debug_Canonicalization support 2006-10-23: Jason Long * lib/Mail/DKIM/Signer.pm, lib/Mail/DKIM/Verifier.pm: use new() instead of new_object(); new_object() still supported; documented Debug_Canonicalization option 2006-10-20: Jason Long * t/signer_policy.t: added test for creating DomainKeys signature; added test for creating multiple signatures * lib/Mail/DKIM/SigningFilter.pm: removed (obsolete) * scripts/test_signing_filter.pl: removed (obsolete) * lib/Mail/DKIM/Signer.pm: added signatures method 2006-10-20: Jason Long * lib/Mail/DKIM.pm, lib/Mail/DKIM/Signer.pm, lib/Mail/DKIM/Verifier.pm: various documentation fixes * lib/Mail/DKIM/Verifier.pm: set signature property when result is determined * lib/Mail/DKIM/Signer.pm: support addition of multiple signatures; changed default canonicalization method to "relaxed" 2006-10-20: Jason Long * t/signer_policy.t: tests different forms of signing policies * lib/Mail/DKIM/Signer.pm: support code references as a signing policy; removed support for build_signature (I'm gonna do this a different way) 2006-10-20: Jason Long * t/verifier: added a message containing multiple signatures, only one of which is valid - t/corpus/multiple_1.txt: the new message * lib/Mail/DKIM/Algorithm/Base.pm: added signature method; changed method signature of verify method (no parameters needed any more) * lib/Mail/DKIM/Algorithm/rsa_sha1.pm, lib/Mail/DKIM/Algorithm/rsa_sha256.pm, lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm: updated verify method * lib/Mail/DKIM/Verifier.pm: support verification of multiple signatures * lib/Mail/DKIM/Signer.pm: documented use of policy _function_ rather than policy object; but no implementation yet * lib/Mail/DKIM/Common.pm (add_body): support multiple algorithms (needed to verify multiple signatures) * lib/Mail/DKIM/Signature.pm: renamed signature() to data(); signature still available for backwards compatibility 2006-10-19: Jason Long * lib/Mail/DKIM/SignerPolicy.pm: document mechanism for users to construct the signature themselves * lib/Mail/DKIM/Canonicalization/DkCommon.pm, * lib/Mail/DKIM/Canonicalization/dk_simple.pm, lib/Mail/DKIM/Canonicalization/dk_nofws.pm: implemented DomainKeys' canonicalization methods * lib/Mail/DKIM/Canonicalization/Base.pm: clarify use of add_body method * lib/Mail/DKIM/Algorithm/Base.pm: clarify use of add_body method * lib/Mail/DKIM/DkSignature.pm: implements DomainKeys signatures * lib/Mail/DKIM/Signer.pm: allow policy to construct the signature, if it implements the build_signature method; allow policy access to header field names (headers method) * lib/Mail/DKIM/Signature.pm: replace use of obsolete method() with canonicalization() * scripts/dkimsign.pl: allow user to specify signature type 2006-10-12: Jason Long * t/verifier: added two new DomainKeys messages to test - t/corpus/good_dk_yahoo.txt - t/corpus/good_dk_gmail.txt * lib/Mail/DKIM/Canonicalization/dk_nofws.pm: added support for the DomainKeys "nofws" canonicalization method * lib/Mail/DKIM/Verifier.pm: recognize DomainKeys signatures; signatures now determine which algorithm class to use * lib/Mail/DKIM/Algorithm/Base.pm: refactored a few things to better accomodate non-DKIM algorithms * lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm: implements the DomainKeys rsa-sha1 algorithm * lib/Mail/DKIM/DkSignature.pm: handles DomainKeys signatures * lib/Mail/DKIM/Signer.pm: signature now determines which algorithm class to use * lib/Mail/DKIM/PublicKey.pm: change an error message from "headers have been alterered" to "message has been altered" (if the headers have been altered, we really cannot imply that the body is still intact) * lib/Mail/DKIM/Common.pm: removed get_algorithm_class (this is now a signature method) * lib/Mail/DKIM/Signature.pm: added get_algorithm_class; documented get_public_key method 2006-09-28: Jason Long * README: include "Error" in the list of dependencies * lib/Mail/DKIM/Common.pm (get_algorithm_class): return undef instead of throwing an error when an unsupported algorithm is presented * lib/Mail/DKIM/Signature.pm (parse): allow v=0.5 tag (check_protocol): checks for dns option /txt (i.e. "dns/txt") (version): new method for getting/setting v= tag * lib/Mail/DKIM/Verifier.pm (check_signature): fixed algorithm check * t/verifier: added several additional sample emails to verify, including a ietf05 signature, and six cases where the signature should be ignored for one reason or another released 2006-10-24 * now supports verifying multiple signatures (the result returned is based on the "best" available signature) * now supports adding multiple signatures in one pass (to use this, you need to create a "signer policy"; see scripts/dkimsign.pl for an example) * now supports signing/verifying signatures for the older DomainKeys standard * now implements Internet Draft draft-ietf-dkim-base-05, including: * support for the version (v=) tag * eliminated "control character detected in message" error message 0.19 2006-06-15: Jason Long * Makefile.PL: change Perl version check to v5.6.1 instead of 5.8 * t/verifier.t: use binmode function instead of ":raw" layer, for Perl 5.6.1 compatibility released 2006-06-15 * now supports earlier versions of Perl (5.6.1 and up). 0.18 2006-06-09: Jason Long * t/verifier.t: open message in ":raw" mode to avoid CRLF->LF conversion (reported by Eugene Pivovarav) 2006-06-08: Jason Long * lib/Mail/DKIM/PublicKey.pm: rewrote verify_digest() so that it uses the Crypt::OpenSSL::RSA module exclusively, no longer relying on Crypt::RSA::Primitives * lib/Mail/DKIM/PrivateKey.pm: rewrote sign_digest() so it uses Crypt::OpenSSL::RSA exclusively * lib/Mail/DKIM/Key.pm: calculate_EM() - remove dependency on Crypt::RSA::DataFormat * Makefile.PL, README: remove mentions of Crypt::RSA and Crypt::OpenSSL::Bignum released 2006-06-09 * no longer depends on Crypt::RSA or Crypt::OpenSSL::Bignum. 0.17 2006-05-26: Jason Long * lib/Mail/DKIM/Algorithm/Base.pm: check_body_hash() - new method that verifies the body hash against the bh= tag; format for canonicalization debugging output has changed * lib/Mail/DKIM/Algorithm/rsa_sha1.pm: call check_body_hash() before returning results to verify() * lib/Mail/DKIM/Algorithm/rsa_sha256.pm: call check_body_hash() before returning results to verify() * lib/Mail/DKIM/Canonicalization/DkimCommon.pm: fixed bug where extra CRLF was being canonicalized * lib/Mail/DKIM/Key.pm: moved calculate_EM function here from PrivateKey after realizing that it would be needed when verifying * lib/Mail/DKIM/PublicKey.pm: now SHA256 hashes can be verified as well; also, the verification can distinguish between wrong hash and a bad signature * lib/Mail/DKIM/Verifier.pm: provide result details when verification fails; added documentation for the result_detail() method * t/corpus/: added several sample signed messages for the testing routines 2006-04-17: Jason Long * lib/Mail/DKIM/Algorithm/Base.pm: common class for DKIM algorithms * lib/Mail/DKIM/Algorithm/rsa_sha1.pm: now subclasses Algorithm::Base. * lib/Mail/DKIM/Algorithm/rsa_sha256.pm: new class for handling the rsa-sha256 DKIM algorithm * lib/Mail/DKIM/Common.pm: recognize rsa-sha256 algorithm * lib/Mail/DKIM/PrivateKey.pm: implemented signing of a SHA-256 digest * lib/Mail/DKIM/PublicKey.pm: implemented verifying of a SHA-256 digest * lib/Mail/DKIM/Signature.pm: allows algorithm to be "rsa-sha256"; body_hash() - new method handling the bh tag; hash_algorithm() - new method to determine what hash is being used; * lib/Mail/DKIM/Verifier.pm: check_public_key() - new method for checking the validity of a fetched public key * Makefile.PL: added Digest::SHA as a dependency 2006-03-26: Jason Long * lib/Mail/DKIM/Common.pm: remove version number from this file * lib/Mail/DKIM.pm: bump version to 0.17 * README: bump version to 0.17 released 2006-05-26 * now implements Internet Draft draft-ietf-dkim-base-01, including: * support for the body hash (bh=) tag * support for SHA256 digests (uses the Digest::SHA module from CPAN) * if a message fails to verify, it now distinguishes between: * headers having been altered * body having been altered * RSA key failure (i.e. the signing key does not match the public key) * added several sample messages to test against when doing `make test'. 0.16 2006-03-03: Jason Long * lib/Mail/DKIM/Policy.pm: new() and testing() are now warning-free (thanks to jm@jmason.org for the patch) * t/policy.t: tests the Policy package 2006-03-01: Jason Long * lib/Mail/DKIM/Signature.pm: correctly handle spaces around = character * t/signature.t: test for spaces around = character in signature 2006-02-24: Jason Long * t/: wrote some tests and added them to the project * README, Makefile.PL: discovered additional dependency: Crypt::OpenSSL::Bignum * lib/Mail/DKIM/Signature.pm: fixed a warning that could occur if the h= tag was left undefined 2006-02-23: Jason Long * converted to ExtUtils::MakeMaker package format, see the dkimproxy project for revision history prior to 2006-02-23. released 2006-03-03 * first version for CPAN; implements draft-allman-dkim-base-01. Mail-DKIM-1.20200907/scripts/0000775000175000017500000000000013725344750013653 5ustar marcmarcMail-DKIM-1.20200907/scripts/test_canonicalization.pl0000755000175000017500000000271413725344750020601 0ustar marcmarc#!/usr/bin/perl -I../../.. use strict; use warnings; use Getopt::Long; my $headers; GetOptions( "headers=s" => \$headers ) or die "Error: invalid argument(s)\n"; my $canon_method = $ARGV[0] or die "Error: no canonicalization method specified\n"; use Mail::DKIM::Canonicalization::nowsp; use Mail::DKIM::Canonicalization::relaxed; use Mail::DKIM::Canonicalization::simple; use Mail::DKIM::Signature; my $crlf = "\015\012"; # read in headers my @headers; my @header_names; while () { # standardize line terminators chomp; $_ .= $crlf; last if ($_ eq $crlf); if (/^\s/ && @headers) { # continues last header $headers[@headers - 1] .= $_; } else { # starts a new header push @headers, $_; if (/^(\S[^:\s]*)\s*:/) { push @header_names, $1; } } } # determine value of h= tag unless (defined $headers) { $headers = join(":", @header_names); } # create a dummy signature my $signature = new Mail::DKIM::Signature( Algorithm => "rsa-sha1", Method => $canon_method, Domain => "example.org", Selector => "selector"); $signature->headerlist($headers); # create a canonicalization object my $canon_class = "Mail::DKIM::Canonicalization::$canon_method"; my $can = $canon_class->new( Signature => $signature, output_fh => *STDOUT); # repeat the headers foreach my $header (@headers) { $can->add_header($header); } $can->finish_header; # read the body while () { chomp; $can->add_body("$_\015\012"); } $can->finish_body; Mail-DKIM-1.20200907/scripts/dkimsign.pl0000755000175000017500000000763613725344750016032 0ustar marcmarc#!/usr/bin/perl -I../lib # # Copyright (c) 2005-2007 Messiah College. This program is free software. # You can redistribute it and/or modify it under the terms of the # GNU Public License as found at http://www.fsf.org/copyleft/gpl.html. # # Written by Jason Long, jlong@messiah.edu. use strict; use warnings; use Mail::DKIM::Signer; use Mail::DKIM::TextWrap; use Getopt::Long; use Pod::Usage; my $type = "dkim"; my $selector = "selector1"; my $algorithm = "rsa-sha1"; my $method = "simple"; my $domain; # undef => auto-select domain my $expiration; my $identity; my $key_file = "private.key"; my $key_protocol; my @extra_tag; my $debug_canonicalization; my $binary; my $help; GetOptions( "type=s" => \$type, "algorithm=s" => \$algorithm, "method=s" => \$method, "selector=s" => \$selector, "domain=s" => \$domain, "expiration=i" => \$expiration, "identity=s" => \$identity, "key=s" => \$key_file, "key-protocol=s" => \$key_protocol, "debug-canonicalization=s" => \$debug_canonicalization, "extra-tag=s" => \@extra_tag, "binary" => \$binary, "help|?" => \$help, ) or pod2usage(2); pod2usage(1) if $help; pod2usage("Error: unrecognized argument(s)") unless (@ARGV == 0); my $debugfh; if (defined $debug_canonicalization) { open $debugfh, ">", $debug_canonicalization or die "Error: cannot write $debug_canonicalization: $!\n"; } if ($binary) { binmode STDIN; } my $dkim = new Mail::DKIM::Signer( Policy => \&signer_policy, Algorithm => $algorithm, Method => $method, Selector => $selector, KeyFile => $key_file, Debug_Canonicalization => $debugfh, ); while () { unless ($binary) { chomp $_; s/\015?$/\015\012/s; } $dkim->PRINT($_); } $dkim->CLOSE; if ($debugfh) { close $debugfh; print STDERR "wrote canonicalized message to $debug_canonicalization\n"; } print $dkim->signature->as_string . "\n"; sub signer_policy { my $dkim = shift; use Mail::DKIM::DkSignature; $dkim->domain($domain || $dkim->message_sender->host); my $class = $type eq "domainkeys" ? "Mail::DKIM::DkSignature" : $type eq "dkim" ? "Mail::DKIM::Signature" : die "unknown signature type '$type'\n"; my $sig = $class->new( Algorithm => $dkim->algorithm, Method => $dkim->method, Headers => $dkim->headers, Domain => $dkim->domain, Selector => $dkim->selector, defined($expiration) ? (Expiration => time() + $expiration) : (), defined($identity) ? (Identity => $identity) : (), ); $sig->protocol($key_protocol) if defined $key_protocol; foreach my $extra (@extra_tag) { my ($n, $v) = split /=/, $extra, 2; $sig->set_tag($n, $v); } $dkim->add_signature($sig); return; } __END__ =head1 NAME dkimsign.pl - computes a DKIM signature for an email message =head1 SYNOPSIS dkimsign.pl [options] < original_email.txt options: --type=TYPE --method=METHOD --selector=SELECTOR --expiration=INTEGER --debug-canonicalization=FILE dkimsign.pl --help to see a full description of the various options =head1 OPTIONS =over =item B<--expiration> Optional. Specify the desired signature expiration, as a delta from the signature timestamp. =item B<--type> Determines the desired signature. Use dkim for a DKIM-Signature, or domainkeys for a DomainKey-Signature. =item B<--method> Determines the desired canonicalization method. Possible values are simple, simple/simple, simple/relaxed, relaxed, relaxed/relaxed, relaxed/simple. =item B<--debug-canonicalization> Outputs the canonicalized message to the specified file, in addition to computing the DKIM signature. This is helpful for debugging canonicalization methods. =back =head1 AUTHOR Jason Long, Ejlong@messiah.eduE =head1 COPYRIGHT AND LICENSE Copyright (C) 2006-2007 by Messiah College This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/scripts/test_nowsp_rsa_sha1.pl0000755000175000017500000000077413725344750020207 0ustar marcmarc#!/usr/bin/perl -I../../.. use strict; use warnings; use Mail::DKIM::Algorithm::rsa_sha1; use Mail::DKIM::Canonicalization::nowsp; unless (-f "private.key") { die "File not found: private.key\n"; } tie *rsa_sha1, "Mail::DKIM::Algorithm::rsa_sha1", "KeyFile" => "private.key"; my $nowsp = new Mail::DKIM::Canonicalization::nowsp( output_fh => *rsa_sha1); while () { chomp; $nowsp->PRINT("$_\015\012"); } $nowsp->CLOSE; my $rsa_sha1 = tied *rsa_sha1; print $rsa_sha1->sign; print "\n"; Mail-DKIM-1.20200907/scripts/arcverify.pl0000755000175000017500000000643013725344750016206 0ustar marcmarc#!/usr/bin/env perl -I../lib # # Copyright (c) 2005-2007 Messiah College. This program is free software. # Copyright 2017 Standcore LLC. This program is free software. # You can redistribute it and/or modify it under the terms of the # GNU Public License as found at http://www.fsf.org/copyleft/gpl.html. # # Written by Jason Long, jlong@messiah.edu. use strict; use warnings; use Mail::DKIM::ARC::Verifier; use Net::DNS::Resolver::Mock; use Mail::DKIM; use Getopt::Long; use Pod::Usage; my ($as_canonicalization, $ams_canonicalization); my ($details, $dns, $help); my $FakeResolver; GetOptions( "as-canonicalization=s" => \$as_canonicalization, "ams-canonicalization=s" => \$ams_canonicalization, "dns=s" => \$dns, "details" => \$details, "help" => \$help, ) or pod2usage(2); pod2usage(1) if $help or @ARGV > 0; my ($asfh, $amsfh); if (defined $as_canonicalization) { open $asfh, ">", $as_canonicalization or die "Error: cannot write to $as_canonicalization: $!\n"; } if (defined $ams_canonicalization) { open $amsfh, ">", $ams_canonicalization or die "Error: cannot write to $ams_canonicalization: $!\n"; } # use fake DNS records if($dns) { open(DNSR, "<$dns") or die "cannot open $dns"; my $dnsrecs = join("", ); close DNSR; $FakeResolver = Net::DNS::Resolver::Mock->new(); $FakeResolver->zonefile_parse( $dnsrecs ); } else { # recommended, but may cause compatibility problems with old firewalls Mail::DKIM::DNS::enable_EDNS0; } my $arc = new Mail::DKIM::ARC::Verifier( AS_Canonicalization => $asfh, AMS_Canonicalization => $amsfh, ); Mail::DKIM::DNS::resolver( $FakeResolver ) if $FakeResolver; my $msg = join("", ); $msg =~ s/\015?\012/\015\012/g; $arc->PRINT($msg); $arc->CLOSE; print "RESULT: " . $arc->result . "\n"; if($details) { printf "DETAILS: %s\nRESULTS: %s\n", $arc->{details}, $arc->result_detail; my @sigs = @{$arc->{signatures}}; foreach my $s (@sigs) { printf "SIG: %s by %s result %s\n", $s->domain , ref($s), $s->result || ""; } my @algs = @{$arc->{algorithms}}; foreach my $h (@algs) { printf "ALG: by %s result %s\n" , ref($h), $h->signature->result || ""; } } __END__ =head1 NAME arcverify.pl - verifies ARC signatures on an email message =head1 SYNOPSIS arcverify.pl [options] < signed_email.txt options: --as-canonicalization=FILE --ams-canonicalization=FILE --dns=FILE --details arcverify.pl --help to see a full description of the various options =head1 OPTIONS =over =item B<--as-canonicalization> =item B<--ams-canonicalization> Outputs the canonicalized message used for the ARC-Seal or ARC-Message-Signature to the specified file, in addition to computing the ARC signature. This is helpful for debugging canonicalization methods. =item B<--details> Print details of ARC evaluation. =item B<--dnsrecords=FILE> Use DNS records from that file rather than the real DNS. =back =head1 AUTHOR Jason Long, Ejlong@messiah.eduE John Levine, Ejohn.levine@standcore.comE =head1 COPYRIGHT AND LICENSE Copyright (C) 2006-2007 by Messiah College Copyright 2017 by Standcore LLC This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/scripts/test_bare_rsa_sha1.pl0000755000175000017500000000053413725344750017744 0ustar marcmarc#!/usr/bin/perl -I../../.. use strict; use warnings; use Mail::DKIM::Algorithm::rsa_sha1; unless (-f "private.key") { die "File not found: private.key\n"; } my $rsa_sha1 = new Mail::DKIM::Algorithm::rsa_sha1( KeyFile => "private.key"); while () { chomp; $rsa_sha1->PRINT("$_\015\012"); } $rsa_sha1->CLOSE; print $rsa_sha1->sign; Mail-DKIM-1.20200907/scripts/arcsign.pl0000755000175000017500000000651013725344750015641 0ustar marcmarc#!/usr/bin/perl -I../lib # # Copyright (c) 2005-2007 Messiah College. This program is free software. # Copyright (c) 2017 Standcore LLC. This program is free software. # You can redistribute it and/or modify it under the terms of the # GNU Public License as found at http://www.fsf.org/copyleft/gpl.html. # # Written by Jason Long, jlong@messiah.edu. use strict; use warnings; use Mail::DKIM::ARC::Signer; use Getopt::Long; use Pod::Usage; my $selector = "selector1"; my $algorithm = "rsa-sha256"; my $chain = "ar"; my $domain; # undef => auto-select domain my $srvid; my $key_file = "private.key"; my $timestamp = 12345; my @extra_tag; my $debug_canonicalization; my $binary; my $help; my $wrap; GetOptions( "selector=s" => \$selector, "domain=s" => \$domain, "srvid=s" => \$srvid, "chain=s" => \$chain, "key=s" => \$key_file, "debug-canonicalization=s" => \$debug_canonicalization, "timestamp=i" => \$timestamp, "extra-tag=s" => \@extra_tag, "binary" => \$binary, "wrap" => \$wrap, "help|?" => \$help, ) or pod2usage(2); pod2usage(1) if $help; pod2usage("Error: unrecognized argument(s)") unless (@ARGV == 0); eval "use Mail::DKIM::TextWrap;" if($wrap); my $debugfh; if (defined $debug_canonicalization) { open $debugfh, ">", $debug_canonicalization or die "Error: cannot write $debug_canonicalization: $!\n"; } if ($binary) { binmode STDIN; } my $arc = new Mail::DKIM::ARC::Signer( Domain => $domain, SrvId => $srvid, Chain => $chain, Algorithm => $algorithm, Selector => $selector, KeyFile => $key_file, Debug_Canonicalization => $debugfh, Timestamp => $timestamp ); while () { unless ($binary) { chomp $_; s/\015?$/\015\012/s; } $arc->PRINT($_); } $arc->CLOSE; if ($debugfh) { close $debugfh; print STDERR "wrote canonicalized message to $debug_canonicalization\n"; } print "RESULT IS " . $arc->result() . "\n"; if( $arc->result eq "sealed") { print join("\n",$arc->as_strings) . "\n"; } else { print "REASON IS " . $arc->{details} . "\n"; } __END__ =head1 NAME arcsign.pl - computes ARC signatures for an email message =head1 SYNOPSIS arcsign.pl [options] < original_email.txt options: --chain=pass|fail|none|ar --domain=DOMAIN --srvid=DOMAIN --selector=SELECTOR --key=FILE --debug-canonicalization=FILE --timestamp=INTEGER --wrap arcsign.pl --help to see a full description of the various options =head1 OPTIONS =over =item B<--chain> Chain value. "ar" means pick it up from Authentication-Results header. =item B<--key> File containing private key, without BEGIN or END lines. =item B<--domain> Signing domain =item B<--srvid> Authentication-Results server domain, defaults to signing domain. =item B<--debug-canonicalization> Outputs the canonicalized message to the specified file, in addition to computing the DKIM signature. This is helpful for debugging canonicalization methods. =back =head1 AUTHORS Jason Long, Ejlong@messiah.eduE John Levine, Ejohn.levine@standcore.comE =head1 COPYRIGHT AND LICENSE Copyright (C) 2006-2007 by Messiah College Copyright 2017 by Standcore LLC This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/scripts/dkimverify.pl0000755000175000017500000000440713725344750016367 0ustar marcmarc#!/usr/bin/perl -I../lib # # Copyright (c) 2005-2007 Messiah College. This program is free software. # You can redistribute it and/or modify it under the terms of the # GNU Public License as found at http://www.fsf.org/copyleft/gpl.html. # # Written by Jason Long, jlong@messiah.edu. use strict; use warnings; use Mail::DKIM::Verifier; use Getopt::Long; my $debug_canonicalization; GetOptions( "debug-canonicalization=s" => \$debug_canonicalization, ) or die "Error: invalid argument(s)\n"; my $debugfh; if (defined $debug_canonicalization) { open $debugfh, ">", $debug_canonicalization or die "Error: cannot write to $debug_canonicalization: $!\n"; } # recommended, but may cause compatibility problems with old firewalls Mail::DKIM::DNS::enable_EDNS0; my $dkim = new Mail::DKIM::Verifier( Debug_Canonicalization => $debugfh, ); while () { chomp; s/\015$//; $dkim->PRINT("$_\015\012"); } $dkim->CLOSE; if ($debugfh) { close $debugfh; print STDERR "wrong canonicalized message to $debug_canonicalization\n"; } print "originator address: " . $dkim->message_originator->address . "\n"; foreach my $signature ($dkim->signatures) { print "signature identity: " . $signature->identity . "\n"; print "verify result: " . $signature->result_detail . "\n"; } foreach my $policy ($dkim->policies) { my $policy_name = $policy->name; print "$policy_name policy result: "; my $policy_result = $policy->apply($dkim); print "$policy_result\n"; } __END__ =head1 NAME dkimverify.pl - verifies DKIM signatures on an email message =head1 SYNOPSIS dkimverify.pl [options] < signed_email.txt options: --debug-canonicalization=FILE dkimverify.pl --help to see a full description of the various options =head1 OPTIONS =over =item B<--debug-canonicalization> Outputs the canonicalized message to the specified file, in addition to computing the DKIM signature. This is helpful for debugging canonicalization methods. =back =head1 AUTHOR Jason Long, Ejlong@messiah.eduE =head1 COPYRIGHT AND LICENSE Copyright (C) 2006-2007 by Messiah College This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/scripts/sample_mime_lite.pl0000755000175000017500000000332513725344750017521 0ustar marcmarc#!/usr/bin/perl use strict; use warnings; use MIME::Lite; # MIME::Lite is a Perl module for constructing MIME messages, # as well as sending messages on their way. # # This sample script attempts to construct a message using # MIME::Lite, generate a DKIM signature for that message, then # insert the DKIM signature into the MIME::Lite message, and # use MIME::Lite to send the message. # # The result is a partial success. Some of the MIME::Lite headers # get moved above the DKIM-Signature header, which may be # problematic. I haven't tested it. # my $msg; ### Create the multipart "container": $msg = MIME::Lite->new( From =>'me@myhost.com', To =>'you@yourhost.com', Cc =>'some@other.com, some@more.com', Subject =>'A message with 2 parts...', Type =>'multipart/mixed' ); ### Add the text message part: ### (Note that "attach" has same arguments as "new"): $msg->attach( Type =>'TEXT', Data =>"Here's the GIF file you wanted" ); ### Add the image part: $msg->attach( Type =>'image/gif', Path =>'aaa000123.gif', Filename =>'logo.gif', Disposition => 'attachment' ); ### Add a DKIM signature use Mail::DKIM::Signer; my $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "myhost.com", Selector => "mx1", KeyFile => "./private.key", ); my $raw_data = $msg->as_string; $raw_data =~ s/\n/\015\012/gs; $dkim->PRINT($raw_data); $dkim->CLOSE; my $sig = $dkim->signature; my ($header_name, $header_content) = split /:\s*/, $sig->as_string, 2; unshift @{$msg->{Header}}, [ $header_name, $header_content ]; print $msg->as_string; Mail-DKIM-1.20200907/MANIFEST0000644000175000017500000000753213725344750013322 0ustar marcmarc# This file was automatically generated by Dist::Zilla::Plugin::Manifest v6.014. Changes HACKING.DKIM LICENSE MANIFEST META.json META.yml Makefile.PL README README.md TODO dist.ini doc/async_dns.txt doc/common_verification_problems.txt doc/dk_headers.txt doc/dkim_errata.txt doc/policies.txt doc/qp1.txt lib/Mail/DKIM.pm lib/Mail/DKIM/ARC/MessageSignature.pm lib/Mail/DKIM/ARC/Seal.pm lib/Mail/DKIM/ARC/Signer.pm lib/Mail/DKIM/ARC/Verifier.pm lib/Mail/DKIM/Algorithm/Base.pm lib/Mail/DKIM/Algorithm/dk_rsa_sha1.pm lib/Mail/DKIM/Algorithm/rsa_sha1.pm lib/Mail/DKIM/Algorithm/rsa_sha256.pm lib/Mail/DKIM/AuthorDomainPolicy.pm lib/Mail/DKIM/Canonicalization/Base.pm lib/Mail/DKIM/Canonicalization/DkCommon.pm lib/Mail/DKIM/Canonicalization/DkimCommon.pm lib/Mail/DKIM/Canonicalization/dk_nofws.pm lib/Mail/DKIM/Canonicalization/dk_simple.pm lib/Mail/DKIM/Canonicalization/nowsp.pm lib/Mail/DKIM/Canonicalization/relaxed.pm lib/Mail/DKIM/Canonicalization/seal.pm lib/Mail/DKIM/Canonicalization/simple.pm lib/Mail/DKIM/Common.pm lib/Mail/DKIM/DNS.pm lib/Mail/DKIM/DkPolicy.pm lib/Mail/DKIM/DkSignature.pm lib/Mail/DKIM/DkimPolicy.pm lib/Mail/DKIM/Key.pm lib/Mail/DKIM/KeyValueList.pm lib/Mail/DKIM/MessageParser.pm lib/Mail/DKIM/Policy.pm lib/Mail/DKIM/PrivateKey.pm lib/Mail/DKIM/PublicKey.pm lib/Mail/DKIM/Signature.pm lib/Mail/DKIM/Signer.pm lib/Mail/DKIM/SignerPolicy.pm lib/Mail/DKIM/TextWrap.pm lib/Mail/DKIM/Verifier.pm scripts/arcsign.pl scripts/arcverify.pl scripts/dkimsign.pl scripts/dkimverify.pl scripts/sample_mime_lite.pl scripts/test_bare_rsa_sha1.pl scripts/test_canonicalization.pl scripts/test_nowsp_rsa_sha1.pl t/ArcTestSuite.pm t/FAKE_DNS.dat t/Mail-DKIM.t t/adsp.t t/arc-draft-sign-tests.t t/arc-draft-validation-tests.t t/arc-signer.t t/arc_test_suite/LICENSE.txt t/arc_test_suite/README.txt t/arc_test_suite/arc-draft-sign-tests.yml t/arc_test_suite/arc-draft-validation-tests.yml t/arc_test_suite/unused_tests.yml t/author-pod-syntax.t t/corpus/bad_1.txt t/corpus/bad_1878954.txt t/corpus/bad_dk_1.txt t/corpus/bad_dk_2.txt t/corpus/bad_dk_3.txt t/corpus/bad_dk_4.txt t/corpus/bad_dk_5.txt t/corpus/bad_ietf01_1.txt t/corpus/bad_ietf01_2.txt t/corpus/bad_ietf01_3.txt t/corpus/badkey_1.txt t/corpus/badkey_10.txt t/corpus/badkey_11.txt t/corpus/badkey_12.txt t/corpus/badkey_13.txt t/corpus/badkey_14.txt t/corpus/badkey_15.txt t/corpus/badkey_2.txt t/corpus/badkey_3.txt t/corpus/badkey_4.txt t/corpus/badkey_5.txt t/corpus/badkey_6.txt t/corpus/badkey_7.txt t/corpus/badkey_8.txt t/corpus/badkey_9.txt t/corpus/dk_headers_1.txt t/corpus/dk_headers_2.txt t/corpus/dk_multiple_1.txt t/corpus/good_1878523.txt t/corpus/good_83176.txt t/corpus/good_dk_1.txt t/corpus/good_dk_2.txt t/corpus/good_dk_3.txt t/corpus/good_dk_4.txt t/corpus/good_dk_5.txt t/corpus/good_dk_6.txt t/corpus/good_dk_7.txt t/corpus/good_dk_gmail.txt t/corpus/good_dk_yahoo.txt t/corpus/good_ietf00_1.txt t/corpus/good_ietf00_2.txt t/corpus/good_ietf00_3.txt t/corpus/good_ietf00_4.txt t/corpus/good_ietf00_5.txt t/corpus/good_ietf01_1.txt t/corpus/good_ietf01_2.txt t/corpus/good_qp_1.txt t/corpus/good_qp_2.txt t/corpus/good_qp_3.txt t/corpus/good_rfc4871_3.txt t/corpus/good_rfc4871_4.txt t/corpus/goodkey_1.txt t/corpus/goodkey_2.txt t/corpus/goodkey_3.txt t/corpus/goodkey_4.txt t/corpus/ignore_1.txt t/corpus/ignore_2.txt t/corpus/ignore_3.txt t/corpus/ignore_4.txt t/corpus/ignore_5.txt t/corpus/ignore_6.txt t/corpus/ignore_7.txt t/corpus/ignore_8.txt t/corpus/mine_ietf01_1.txt t/corpus/mine_ietf01_2.txt t/corpus/mine_ietf01_3.txt t/corpus/mine_ietf01_4.txt t/corpus/mine_ietf05_1.txt t/corpus/multiple_1.txt t/corpus/multiple_2.txt t/corpus/no_body_1.txt t/corpus/no_body_2.txt t/corpus/no_body_3.txt t/dev-manifest.t t/external_signer.t t/policy.t t/public_key.t t/signature.t t/signer.t t/signer_dk.t t/signer_policy.t t/simple_canonicalization.t t/test.key t/test5.txt t/textwrap.t t/verifier.t t/verifier_strict.t weaver.ini Mail-DKIM-1.20200907/HACKING.DKIM0000644000175000017500000001116613725344750013701 0ustar marcmarcHere is a list of components of Mail::DKIM, and the parts of the DKIM spec. they implement: http://mipassoc.org/dkim/specs/draft-allman-dkim-base-01.txt Canonicalization/DkimCommon.pm -- 5.4 Canonicalization/simple.pm -- 3.4.1 and 3.4.3 Canonicalization/relaxed.pm -- 3.4.2 and 3.4.4 http://mipassoc.org/mass/specs/draft-allman-dkim-base-00-10dc.html Algorithm/rsa_sha1.pm -- 3.3.1 Canonicalization/nowsp.pm -- 3.4.2 Signature.pm -- 3.5 Signer.pm -- 5 Verifier.pm -- 6 -- New version - update version numbers in these files: lib/Mail/DKIM.pm lib/Mail/DKIM/Verifier.pm lib/Mail/DKIM/Signer.pm lib/Mail/DKIM/Common.pm README -- New algorithm: create new algorithm class by copying and editing lib/Mail/DKIM/Algorithm/rsa_sha1.pm edit lib/Mail/DKIM/Common.pm: get_algorithm_class() - add a check for your new algorithm and return the name of your new algorithm class add a "use" line at the top of this file so that your algorithm class gets imported -- How the Verifier Works: First, the message headers are fed into the verifier object, where they are stored into a buffer until all headers have been seen. message +----------+ ------> | Verifier | +----------+ When the blank line separating the header from the body has been seen, the verifier looks at the headers, picking out and parsing each DKIM and DomainKey signature for verification. The signature specifies which algorithm and canonicalization method the verifier should use. The verifier creates an "algorithm object" corresponding to each signature. Each algorithm object will perform the verification for one signature. Now the verifier feeds the message headers from its buffer into each newly-constructed algorithm object, which in turn feeds the headers into the header canonicalizer, which canonicalizes the headers and feeds the result into a Digest object, which will compute the SHA-1 or SHA-256 digest. +----------+ +-----------+ +---------+ can. +--------+ | Verifier | headers | Algorithm | | Canoni- | headers | Header | | | ------> | | --> | calizer | ------> | Digest | +----------+ +-----------+ +---------+ +--------+ Now the verifier accepts the rest of the message (i.e. the body). The body is not buffered in memory; it gets piped through the algorithm, the body canonicalizer, and into the body digest. message +----------+ +-----------+ +---------+ can. +--------+ body | Verifier | | Algorithm | | Canoni- | body | Body | ------> | | > | | > | calizer | ---> | Digest | +----------+ +-----------+ +---------+ +--------+ Now the whole message has been read. The DKIM signature, minus the contents of the b= tag, is fed into the header canonicalizer, which gets fed into the header digest. modified DKIM +---------+ can. +--------+ signature | Canoni- | header | Header | ------------> | calizer | -----> | Digest | +---------+ +--------+ The header digest is computed, and the algorithm verifies it against the value of the b= tag in the signature. If it fails to match, the signature has "failed". Next, the body digest is computed, and compared with that in the signature. If it fails to match, the signature has "failed". Otherwise, the signature has "passed". -- Asynchronous DNS lookups In the dkimproxy case, as the message is received it is being "fed" into the DKIM verifier. The DKIM verifier can emit the DNS queries as soon as the header is read and parsed. Each signature is assumed to have a valid public key. When the entire message is finished, the DKIM verifier will wait for any DNS queries that haven't finished, then verify the signatures. In the SpamAssassin case, the message is already in memory. SpamAssassin will want to create the DKIM verifier and give it the message header early so that the DNS queries can be emitted. Then when the DNS responses are received, it can come back and give the verifier the rest of the message. Considering this, it might be useful to provide a slightly different API for SpamAssassin. One that explicitly specifies the header boundaries (when it expects DNS queries to be emitted), and the end of message (when the DNS responses are ready, or it's ok to block until they are). E.g. $dkim = Verifier->new(Resolver => $my_custom_resolver); $dkim->process_header($entire_header); $dkim->process_body($entire_message_body); $my_custom_resolver->wait_for_responses(); $dkim->do_verification(); my $result = $dkim->result; Mail-DKIM-1.20200907/t/0000775000175000017500000000000013725344750012427 5ustar marcmarcMail-DKIM-1.20200907/t/arc-draft-validation-tests.t0000644000175000017500000000065613725344750017754 0ustar marcmarc#!/usr/bin/env perl use strict; use warnings; use Test::More; use lib 't'; # number of tests currently in the validation yaml, not counting the sha1 tests plan tests => 168; my $nskip = 0; $nskip = $ARGV[0] if @ARGV > 0; use ArcTestSuite; my $Tests = new ArcTestSuite; $Tests->LoadFile('t/arc_test_suite/arc-draft-validation-tests.yml'); $Tests->SetOperation('validate'); $Tests->RunAllScenarios($nskip); done_testing(); Mail-DKIM-1.20200907/t/public_key.t0000755000175000017500000000331213725344750014742 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::RequiresInternet; use Test::More tests => 5; use Net::DNS::Resolver; use Mail::DKIM::Verifier; my $Resolver = Net::DNS::Resolver->new( nameservers => [ '1.1.1.1', '8.8.8.8' ], ); Mail::DKIM::DNS::resolver( $Resolver ); $Mail::DKIM::DNS::TIMEOUT = 3; # # this public key exists # my $pubkey = Mail::DKIM::PublicKey->fetch( Protocol => "dns", Selector => "key1", Domain => "test.authmilter.org", ); ok( $pubkey, "public key exists" ); # # this public key does not exist # $pubkey = Mail::DKIM::PublicKey->fetch( Protocol => "dns", Selector => "nonexistent", Domain => "test.authmilter.org", ); ok( !$pubkey, "public key should not exist" ); ok( $@ eq 'NODATA' || $@ eq 'NXDOMAIN', "reason given is NODATA or NXDOMAIN" ); SKIP: { skip "These tests are currently failing due to external factors", 1; $pubkey = eval { Mail::DKIM::PublicKey->fetch( Protocol => "dns", Selector => "foo", Domain => "blackhole.authmilter.org", ); }; my $E = $@; print "# got error: $E" if $E; ok( !$pubkey && $E && $E =~ /(timeout|timed? out)/, "timeout error fetching public key" ); } SKIP: { skip "test depends on specific DNS setup at test site", 1 unless ( $ENV{DNS_TESTS} && $ENV{DNS_TESTS} > 1 ); $pubkey = eval { Mail::DKIM::PublicKey->fetch( Protocol => "dns", Selector => "foo", Domain => "blackhole2.authmilter.org", ); }; my $E = $@; print "# got error: $E" if $E; ok( !$pubkey && $E && $E =~ /SERVFAIL/, "SERVFAIL dns error fetching public key" ); } Mail-DKIM-1.20200907/t/ArcTestSuite.pm0000644000175000017500000002154613725344750015352 0ustar marcmarcpackage ArcTestSuite; use strict; use warnings; use Data::Dumper; use YAML::XS; use Net::DNS::Resolver::Mock; use Mail::DKIM; #$Mail::DKIM::SORTTAGS = 1; use Mail::DKIM::ARC::Signer; use Mail::DKIM::ARC::Verifier; use Test::More; =head1 NAME ArcTestSuite - extract and run tests from the ARC YAML test suite =head1 CONSTRUCTOR =head2 new() - create a new test runner my $Tests = ArcTestSuite->new(Strict => 1/0); =cut sub new { my ( $class, %args ) = @_; my $self = {}; bless $self, $class; $self->{Strict} = $args{"Strict"}; $self->{Strict} = 1 if ! defined $self->{Strict}; return $self; } =head1 METHODS =head2 LoadFile() - load a YAML file of tests $Tests->LoadFile( $yamlfile ); Load the tests from a YAML file =cut sub LoadFile { my ( $self, $file ) = @_; my @data = YAML::XS::LoadFile($file); $self->{'tests'} = \@data; return; } =head2 SetOperation() - prepare to sign or validate $Tests->SetOperation( 'sign'|'validate' ); Tell it whether these are signing or validateing tests =cut sub SetOperation { my ( $self, $operation ) = @_; die "Invalid operation $operation" unless $operation =~ m{^(validate|sign)$}; $self->{'operation'} = $operation; return; } =head2 DumpTests $Tests->DumpTests("dir/%s") Dump each test message to a file as the test is run. The argument is a printf pattern for the filename with %s as the test name. =cut sub DumpTests { my ( $self, $testpat ) = @_; $self->{'testpat'} = $testpat; return; } my $nskip = 0; =head2 RunAllScenarios() - run all test scenarios $Test->RunAllScenarios($nskip) Iterate over all scenarios in the YAML and run the tests. The optional argument is how many tests to skip before actual testing. =cut sub RunAllScenarios { my ( $self, $nsx ) = @_; $nskip = $nsx if $nsx > 0; foreach my $Scenario ( @{ $self->{'tests'} } ) { $self->RunScenario($Scenario); } return; } =head2 RunScenario() - run all test scenarios $Test->RunScenario($scenario) Iterate over all the tests in the scenario and run them. =cut sub RunScenario { my ( $self, $scenario ) = @_; my $description = $scenario->{'description'}; my $tests = $scenario->{'tests'}; my $txt_records = $scenario->{'txt-records'} || q{}; my $comment = $scenario->{'comment'}; my $domain = $scenario->{'domain '}; my $sel = $scenario->{'sel'}; my $private_key = $scenario->{'privatekey'} || q{}; diag("--- $description ---") unless $ENV{HARNESS_ACTIVE}; # remove key BEGIN / END if ($private_key) { my @chompkey = split( "\n", $private_key ); $private_key = join( q{}, @chompkey[ 1 .. ( $#chompkey - 1 ) ] ); } my $ZoneFile = q{}; foreach my $Record ( sort keys %$txt_records ) { my $Txt = $txt_records->{$Record}; $ZoneFile .= $Record . '. 60 TXT'; foreach my $TxtLine ( split "\n", $Txt ) { $ZoneFile .= ' "' . $TxtLine . '"'; } $ZoneFile .= "\n"; } my $FakeResolver = Net::DNS::Resolver::Mock->new(); $FakeResolver->zonefile_parse($ZoneFile); TEST: foreach my $test ( sort keys %$tests ) { if ( $nskip > 0 ) { diag("skip $description - $test") unless $ENV{HARNESS_ACTIVE}; $nskip--; next; } my $testhash = $tests->{$test}; # keys relevant to validate and signing tests my $comment = $testhash->{'comment'}; my $cv = $testhash->{'cv'}; my $description = $testhash->{'description'}; my $message = $testhash->{'message'}; my $spec = $testhash->{'spec'}; # dump test to a file if ( $self->{'testpat'} ) { local *TOUT; my $tfn = $test; $tfn =~ s:[ /]:_:g; open TOUT, ">" . sprintf( $self->{'testpat'}, $tfn ) or die "cannot write file for $description"; print TOUT $message; close TOUT; } # HACK - skip sha1 tests if ( $test =~ /sha1/ ) { diag("Skip SHA-1 test $test") unless $ENV{HARNESS_ACTIVE}; next; } $message =~ s/\015?\012/\015\012/g; my $arc_result; if ( $self->{'operation'} eq 'validate' ) { if ( !defined $cv or $cv eq q{} ) { $cv = 'fail'; diag("Null test cv treated as fail for $description - $test") unless $ENV{HARNESS_ACTIVE}; } eval { my $arc = new Mail::DKIM::ARC::Verifier( Strict => $self->{"Strict"} ); Mail::DKIM::DNS::resolver($FakeResolver); $arc->PRINT($message); $arc->CLOSE(); $arc_result = $arc->result(); my $arc_result_detail = $arc->result_detail(); my $mycv = lc $arc_result eq 'pass' ? 'Pass' : lc $arc_result eq 'none' ? 'None' : 'Fail'; is( lc $mycv, lc $cv, "$description - $test ARC Result $mycv want $cv" ); if ( lc $mycv ne lc $cv ) { diag("Got: $arc_result ( $arc_result_detail )") unless $ENV{HARNESS_ACTIVE}; } }; if ( my $error = $@ ) { is( 0, 1, "$description- $test - died with $error" ); } next; } # keys relevant to signing tests only my $aar = $testhash->{'AAR'}; my $ams = $testhash->{'AMS'}; my $as = $testhash->{'AS'}; my $sigheaders = $testhash->{'sig-headers'}; my $srvid = $testhash->{'srv-id'} || $domain; my $t = $testhash->{'t'}; my $arc = Mail::DKIM::ARC::Signer->new( 'Algorithm' => 'rsa-sha256', 'Domain' => $domain, 'SrvId' => $srvid, 'Selector' => $sel, 'Key' => Mail::DKIM::PrivateKey->load( 'Data' => $private_key ), 'Chain' => 'ar' , # use the result from A-R, since message might have changed since verified 'Headers' => $sigheaders, 'Timestamp' => $t, ); $arc->{'NoDefaultHeaders'} = 1; $Mail::DKIM::SORTTAGS = 1; Mail::DKIM::DNS::resolver($FakeResolver); $arc->PRINT($message); $arc->CLOSE(); my $arcsign_result = $arc->as_string(); my $arcsign_as = $arc->{'_AS'}; my $arcsign_ams = $arc->{'_AMS'}; my $arcsign_aar = $arc->{'_AAR'}; is( sqish($arcsign_as), sqish( 'ARC-Seal: ' . $as ), "$description - $test ARC-Seal" ); is( sqish($arcsign_ams), sqish( 'ARC-Message-Signature: ' . $ams ), "$description - $test ARC-Message-Signature" ); is( sqsh($arcsign_aar), sqsh( 'ARC-Authentication-Results: ' . $aar ), "$description - $test ARC-Authentication-Results" ); } return; } # sort tags sub srt { my ($header) = @_; my ( $key, $value ) = split( ': ', $header, 2 ); $value =~ s/^\s+//gm; $value =~ s/\n//g; my @values = split( /;\s*/, $value ); # @values = map { local $_ = $_ ; s/^\s+|\s+$//g ; $_ } @values; @values = map { s/^\s+|\s+$//g } @values; my $sorted = join( '; ', sort @values ); return "$key: $sorted"; } # squash all white space sub sqish { my ($header) = @_; return "" unless $header; # completely empty my ( $key, $value ) = split( ': ', $header, 2 ); return "" unless $value; # empty value $value =~ s/[ \t\r\n]+//gs; # remove all white space $value =~ s/\s*;\s*/; /g; # squash put in one space around semicolons #print "SQUISH $key: $value\n"; return "$key: $value"; } # squash white space between fields sub sqsh { my ($header) = @_; return "" unless $header; # completely empty my ( $key, $value ) = split( ': ', $header, 2 ); return "" unless $value; # empty value $value =~ s/^\s+|[ \t\r\n]+$//gs; # remove leading and trailing white space $value =~ s/\n/ /g; # flatten into one line $value =~ s/\s*;\s*/; /g; # squash white space around semicolons #print "SQUASH $key: $value\n"; return "$key: $value"; } 1; __END__ =head1 AUTHORS Bron Gondwana, Ebrong@fastmailteam.comE, John Levine, Ejohn.levine@standcore.comE =head1 COPYRIGHT AND LICENSE Copyright (C) 2017 by FastMail Pty Ltd Copyright 2017 by Standcore LLC This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available. =cut Mail-DKIM-1.20200907/t/arc-signer.t0000644000175000017500000000701413725344750014646 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::Simple tests => 12; use Mail::DKIM::ARC::Signer; my $tdir = -f "t/test.key" ? "t" : "."; my $keyfile = "$tdir/test.key"; my $arc = Mail::DKIM::ARC::Signer->new( Algorithm => "rsa-sha256", Domain => "example.org", Selector => "test", Chain => "ar", KeyFile => $keyfile ); ok($arc, "new() works"); ## Chain ar, no AR header my $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $arc->PRINT($sample_email); $arc->CLOSE; ok($arc->result() eq 'skipped', 'result() is skipped'); ## Chain ar, not my AR header $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $arc = Mail::DKIM::ARC::Signer->new( Algorithm => "rsa-sha256", Domain => "example.org", Selector => "test", Chain => "ar", KeyFile => $keyfile ); $arc->PRINT($sample_email); $arc->CLOSE; ok($arc->result() eq 'skipped', 'result() is skipped'); ## Chain ar, AR header none $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $arc = Mail::DKIM::ARC::Signer->new( Algorithm => "rsa-sha256", Domain => "example.org", Selector => "test", Chain => "ar", KeyFile => $keyfile ); $arc->PRINT($sample_email); $arc->CLOSE; ok($arc->result() eq 'sealed', 'result() is sealed'); my ($as, $ams, $aar) = $arc->as_strings(); ok($as =~ m/\bcv=none\b/, 'AS has cv=none'); ok($aar =~ m/\Q example.org; none\E/, 'AAR has AR contents'); ## Chain ar, AR header pass $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $arc = Mail::DKIM::ARC::Signer->new( Algorithm => "rsa-sha256", Domain => "example.org", Selector => "test", Chain => "ar", KeyFile => $keyfile ); $arc->PRINT($sample_email); $arc->CLOSE; ok($arc->result() eq 'sealed', 'result() is sealed'); ($as, $ams, $aar) = $arc->as_strings(); ok($as =~ m/\bcv=pass\b/, 'AS has cv=pass'); ok($aar =~ m/\Q example.org; dkim=none (no signatures); arc=pass (something or other)\E/, 'AAR has AR contents and expected formatting'); ## Chain ar, AR header fail $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $arc = Mail::DKIM::ARC::Signer->new( Algorithm => "rsa-sha256", Domain => "example.org", Selector => "test", Chain => "ar", KeyFile => $keyfile ); $arc->PRINT($sample_email); $arc->CLOSE; ok($arc->result() eq 'sealed', 'result() is sealed'); ($as, $ams, $aar) = $arc->as_strings(); ok($as =~ m/\bcv=fail\b/, 'AS has cv=fail'); ok($aar =~ m/\Q example.org;\E\015\012\Q arc=fail (bad something);\E\015\012\Q spf=pass smtp.mailfrom=\E/, 'AAR has AR contents and expected formatting'); Mail-DKIM-1.20200907/t/signer_dk.t0000755000175000017500000000472013725344750014565 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::Simple tests => 8; use Mail::DKIM::Signer; use Mail::DKIM::DkSignature; # The main purpose of this set of tests is to ensure that I am aware # whenever a change in my code causes the generated signature to change # for DomainKeys signatures. Generally this should never occur for a # change in DomainKeys code. (In contrast to DKIM, where the generated # signature gets included in the signature, so any changes to the format # of the signature will cause the hash to change.) # { my %sig_args; my $policyfn = sub { my $signer = shift; if ( $sig_args{Headers} && $sig_args{Headers} eq "*" ) { $sig_args{Headers} = $signer->headers; } $signer->add_signature( Mail::DKIM::DkSignature->new(%sig_args) ); return; }; my $tdir = -f "t/test.key" ? "t" : "."; my $keyfile = "$tdir/test.key"; my $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; sub sign_sample_using_args { %sig_args = ( Algorithm => "rsa-sha1", Selector => "test8", Domain => "messiah.edu", @_, ); my $dkim = Mail::DKIM::Signer->new( Policy => $policyfn, KeyFile => $keyfile, ); $dkim->PRINT($sample_email); $dkim->CLOSE; my $signature = $dkim->signature; return $signature; } } my $signature; $signature = sign_sample_using_args( Method => "simple", ); ok( $signature, "signature() works" ); print "# " . $signature->as_string . "\n"; ok( $signature->data =~ /^TL93PzPvedAijHChCAt/, "got expected signature" ); $signature = sign_sample_using_args( Method => "simple", Headers => "*", ); ok( $signature, "signature() works" ); print "# " . $signature->as_string . "\n"; ok( $signature->data =~ /^n\+qfVkhQPch80atOC7/, "got expected signature" ); $signature = sign_sample_using_args( Method => "nofws", ); ok( $signature, "signature() works" ); print "# " . $signature->as_string . "\n"; ok( $signature->data =~ /^JWzIzvCZBIYnoMebzKU/, "got expected signature" ); $signature = sign_sample_using_args( Method => "nofws", Headers => "*", ); ok( $signature, "signature() works" ); print "# " . $signature->as_string . "\n"; ok( $signature->data =~ /^fkDC8iF/, "got expected signature" ); Mail-DKIM-1.20200907/t/author-pod-syntax.t0000644000175000017500000000045413725344750016223 0ustar marcmarc#!perl BEGIN { unless ($ENV{AUTHOR_TESTING}) { print qq{1..0 # SKIP these tests are for testing by the author\n}; exit } } # This file was automatically generated by Dist::Zilla::Plugin::PodSyntaxTests. use strict; use warnings; use Test::More; use Test::Pod 1.41; all_pod_files_ok(); Mail-DKIM-1.20200907/t/arc-draft-sign-tests.t0000644000175000017500000000060513725344750016554 0ustar marcmarc#!/usr/bin/env perl use strict; use warnings; use Test::More; use lib 't'; # number of tests currently in the signing yaml plan tests => 51; my $nskip = 0; $nskip = $ARGV[0] if @ARGV > 0; use ArcTestSuite; my $Tests = new ArcTestSuite(); $Tests->LoadFile('t/arc_test_suite/arc-draft-sign-tests.yml'); $Tests->SetOperation('sign'); $Tests->RunAllScenarios($nskip); done_testing(); Mail-DKIM-1.20200907/t/Mail-DKIM.t0000644000175000017500000000072413725344750014221 0ustar marcmarc# Before `make install' is performed this script should be runnable with # `make test'. After `make install' it should work as `perl Mail-DKIM.t' ######################### # change 'tests => 1' to 'tests => last_test_to_print'; use Test::More tests => 1; BEGIN { use_ok('Mail::DKIM') } ######################### # Insert your test code below, the Test::More module is use()ed here so read # its man page ( perldoc Test::More ) for help writing this test script. Mail-DKIM-1.20200907/t/test.key0000644000175000017500000000156713725344750014127 0ustar marcmarc-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQC848PMQXuR6V4Tbj3Wb2TN/4Qon0v8ch1WoS0v5wC4/2FXHaH5 g7xNwtIwgfE7kxkSqv1LnS4tUrpHjWcXJhtCkT9wkI0FOVFzKHRc7Gy7vYSFMUCn ojiVVQjxY6bnyPLIIP2l/D++0awe+XCWQsjFZ+CHW5Lo/lQ/bdrUcYEU/QIDAQAB AoGAFpfr0J+4hyBx10MldGPIm/dHOJCtRxnjNnx66jLoXDh3zTLHMBA40thNye2R DD4xDpGTUJsRbexqSaq5PQSa1+vQuJDsbDu24HYoczevvdWBOBq3aR4OZOBnfueY bqxiY1TfKTHaC+2lNyKWn/wb+FKDPogrymPDSQ9A26UgjGUCQQDp9jv7V1Bd5rGm ZTMUnh4A1tqTF2Ba65/qZHRHW0TDvjdmjvOnRwzjSTGljVZ/g+KKbrjNuh4vu3w2 PxvwAsZbAkEAzq6osN7uXKu0kxvz6+SDHQP1qo3ePNVnGlvhsRp6mL+paJwnPo+L w9RR83Vvz2tG6Tcez96FheEzvIagokZhhwJAY6lVYbqO7IER2cywFq9IHplnYFML 448Nft4tvhu9zhggJ1rrpa0Za1RJhrkPSKBYhxmlNVV7+F9ICR+W+gVkkwJBAJA7 tP9RY9iJ/wcWX7/EBXevNraiMHAVoND1Q+gbCWklf6zAJGb1N90eg146GyANxjuk Or1nlZibU0aCUQFNymsCQDb7Wwq+ajK6WhLN5zAYYcyh2xKaJ7kylBMQqeB0eQ5Z ugJSnXpSRrz11qMO/ClWOoipHz+iH0SU5njjSdER1x8= -----END RSA PRIVATE KEY----- Mail-DKIM-1.20200907/t/verifier_strict.t0000644000175000017500000000606713725344750016026 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::More tests => 4; use Mail::DKIM::Verifier; my $homedir = ( -d "t" ) ? "t" : "."; sub read_file { my $srcfile = shift; open my $fh, "<", $srcfile or die "Error: can't open $srcfile: $!\n"; binmode $fh; local $/; my $content = <$fh>; close $fh; return $content; } sub test_email_strict { my ( $file, $expected_result ) = @_; print "# verifying message '$file'\n"; my $dkim = Mail::DKIM::Verifier->new( 'Strict' => 1 ); my $path = "$homedir/corpus/$file"; my $email = read_file($path); $dkim->PRINT($email); $dkim->CLOSE; my $result = $dkim->result; print "# result: " . $dkim->result_detail . "\n"; ok( $result eq $expected_result, "'$file' should '$expected_result'" ); } # Test strict mode test_email_strict( "good_1878523.txt", "invalid" ); test_email_strict( "good_ietf01_1.txt", "fail" ); test_email_strict( "good_qp_1.txt", "invalid" ); test_email_strict( "mine_ietf01_3.txt", "pass" ); # override the DNS implementation, so that these tests do not # rely on DNS servers I have no control over my $CACHE; sub Mail::DKIM::DNS::fake_query { my ( $domain, $type ) = @_; die "can't lookup $type record" if $type ne "TXT"; unless ($CACHE) { open my $fh, "<", "$homedir/FAKE_DNS.dat" or die "Error: cannot read $homedir/FAKE_DNS.dat: $!\n"; $CACHE = {}; while (<$fh>) { chomp; next if /^\s*[#;]/ || /^\s*$/; my ( $k, $v ) = split /\s+/, $_, 2; $CACHE->{$k} = ( $v =~ /^~~(.*)~~$/ ) ? "$1" : $v eq "NXDOMAIN" ? [] : [ bless \$v, "FakeDNS::Record" ]; } close $fh; } if ( not exists $CACHE->{$domain} ) { warn "did not cache that DNS entry: $domain\n"; print STDERR ">>>\n"; my @result = Mail::DKIM::DNS::orig_query( $domain, $type ); if ( !@result ) { print STDERR "No results: $@\n"; } else { foreach my $rr (@result) { # join with no intervening spaces, RFC 6376 if ( Net::DNS->VERSION >= 0.69 ) { # must call txtdata() in a list context printf STDERR ( "%s\n", join( "", $rr->txtdata ) ); } else { # char_str_list method is 'historical' printf STDERR ( "%s\n", join( "", $rr->char_str_list ) ); } } } print STDERR "<<<\n"; die; } if ( ref $CACHE->{$domain} ) { return @{ $CACHE->{$domain} }; } else { die "DNS error: $CACHE->{$domain}\n"; } } BEGIN { unless ( $ENV{use_real_dns} ) { *Mail::DKIM::DNS::orig_query = *Mail::DKIM::DNS::query; *Mail::DKIM::DNS::query = *Mail::DKIM::DNS::fake_query; } } package FakeDNS::Record; sub type { return "TXT"; } sub char_str_list { return ${ $_[0] }; } sub txtdata { return ${ $_[0] }; } Mail-DKIM-1.20200907/t/simple_canonicalization.t0000755000175000017500000000230313725344750017511 0ustar marcmarc#!/usr/bin/perl use strict; use warnings; use Test::Simple tests => 4; use Mail::DKIM::Canonicalization::simple; use Mail::DKIM::Signature; my $dkim_signature = "DKIM-Signature: h=from:subject; s=test; d=example.org; b="; my $signature = Mail::DKIM::Signature->parse($dkim_signature); ok( $signature, "create signature works" ); my $method = Mail::DKIM::Canonicalization::simple->new( Signature => $signature ); ok( $method, "new() works" ); my @tmp_headers = ( "from :\tJason\015\012", "Subject: this is the\015\012 subject\015\012", ); $method->add_header( $tmp_headers[0] ); $method->add_header( $tmp_headers[1] ); $method->finish_header( Headers => \@tmp_headers ); $method->add_body("This is the body.\015\012"); $method->add_body("Another line of the body.\015\12"); $method->finish_body; $method->finish_message; ok( 1, "finish_message() works" ); my $expected = "from : Jason Subject: this is the subject This is the body. Another line of the body. $dkim_signature"; $expected =~ s/\n/\015\012/gs; ok( $method->result eq $expected, "got expected result" ); # uncomment this if you're not getting the expected result #print ">" . $method->result . "<\n"; #print ">" . $expected . "<\n"; Mail-DKIM-1.20200907/t/FAKE_DNS.dat0000644000175000017500000001010213725344750014323 0ustar marcmarc# this file contains DNS records used by verifier.t # selector1._domainkey.messiah.edu k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhMlYqwtUA9UrrDcNp/IMtdFnytggDl5oIAzJ55oWzPILZE7eX4hLdP6WperHm1WJ9M32XsiKrr4TDbWfp4WjGWBnXf8QMi+WlDuEFOvwVRC/uWy+sAiEf3VcBR5KjGvDovPnGSnW8uDntSOY4HlkTJF/BTWnk29zKmlGyGnw9mQIDAQAB test1._domainkey.messiah.edu v=DKIM1; t=y; s=email; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== test2._domainkey.messiah.edu v=DKIM1; s=email:web:fine; x1 = extra ; t = y:n:extra; h=md5:sha1; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== ; test3._domainkey.messiah.edu v=DKIM1; g=jl*g; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== test4._domainkey.messiah.edu v=DKIM1; g=; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== test5._domainkey.messiah.edu v=DKIM1; t=s; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== test6._domainkey.messiah.edu v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbkmfdB0MGEQbLivEOYOyH4A0vkM3tZB+vsQnzmIpKJoDxPUjNS9ZRtjycm+EO1jP1yLet3NNSYLbRp1qwi9q1qXbDVfqI0d6LI67LQyrs/AKiw03++aNhqHMJNrSuKQdR+LD9QJxinWVB1KI8wcC2k5IKZ1bJQ1A7bg7b2+uTlwIDAQAB testbad1._domainkey.messiah.edu v=DKIM3; t=y; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== testbad2._domainkey.messiah.edu k=rsa; t; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== testbad3._domainkey.messiah.edu k=foobar; t=y; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== testbad4._domainkey.messiah.edu v=DKIM1; s=chat; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== testbad7._domainkey.messiah.edu v=DKIM1; h=bad; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== testbad8._domainkey.messiah.edu v=DKIM1; g=*poe; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALgSoqXVSEmfcIsOzw7oRuCCOwsmtX/SJnTWxYyj2leFxfS/AVJ+dYfY+hXqMsT7l+MZvvh/R1WzN4MO/kI/7XsCAwEAAQ== testrevoked._domainkey.messiah.edu k=rsa; t=y; p= s1024._domainkey.yahoo.com k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrEee0Ri4Juz+QfiWYui/E9UGSXau/2P8LjnTD8V4Unn+2FAZVGE3kL23bzeoULYv4PeleB3gfmJiDJOKU3Ns5L4KJAUUHjFwDebt0NP+sBK0VKeTATL2Yr/S3bT/xhy+1xtj4RkdV7fVxTn56Lb4udUnwuxK4V5b5PdOKj/+XcwIDAQAB; n=A 1024 bit key; beta._domainkey.gmail.com t=y; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC69TURXN3oNfz+G/m3g5rt4P6nsKmVgU1D6cw2X6BnxKJNlQKm10f8tMx6P6bN7juTR1BeD8ubaGqtzm2rWK4LiMJqhoQcwQziGbK1zp/MkdXZEWMCflLY6oUITrivK7JNOLXtZbdxJG2y/RAHGswKKyVhSP9niRsZF/IBr5p8uQIDAQAB jakla2._domainkey.ijs.si v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvWSehCSmnxlhzM+P1Ai+7CgzeAcvkL3RdoHFq8JwtpKN3iLnp/s1yRwE/heAi4QQXxDRdlB0bJm5NxZOsckzK7tJM8EdkebMjyXeKOzBKoJaOIlsx4WC2qHqORB0RLqm4lqJFYZJpUypEpskeAGy7WBG7a+1hOlir9+Tf9xtOkwIDAQAB shan._domainkey.vmt2.cis.att.net v=DKIM1; k=rsa; h=sha1:sha256:sha512;n=send%20comments%20to%20tony%40att%2Ecom; g=*; s=*;p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALSQ1y/+tHT1d9XvpiVap4Z+GFaydEmDgfC48m3wLLmDqfKBADWYIqrCnfKPvZPzGYzo+aJMEiAOTtiNxPWYToiTfJlTpn2YyEEz6OUIXw0uc+NfEQviN4QQr0jVX9yRjwIDAQAB foo._domainkey.vmt2.cis.att.net v=DKIM1; k=rsa; n=send%20comments%20to%20tony%40att%2Ecom; g=*; s=*;p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALSQ1y/+tHT1d9XvpiVap4Z+GFaydEmDgfC48m3wLLmDqfKBADWYIqrCnfKPvZPzGYzo+aJMEiAOTtiNxPWYToiTfJlTpn2YyEEz6OUIXw0uc+NfEQviN4QQr0jVX9yRjwIDAQAB nonexistent._domainkey.messiah.edu NXDOMAIN test3._domainkey.blackhole.messiah.edu ~~Query timed out~~ test3._domainkey.blackhole2.messiah.edu ~~SERVFAIL~~ Mail-DKIM-1.20200907/t/verifier.t0000755000175000017500000002424313725344750014435 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::More tests => 105; use Mail::DKIM::Verifier; my $homedir = ( -d "t" ) ? "t" : "."; my $dkim = Mail::DKIM::Verifier->new(); ok( $dkim, "new() works" ); $dkim = Mail::DKIM::Verifier->new_object(); ok( $dkim, "new_object() works" ); my $sample_email = read_file("$homedir/test5.txt"); ok( $sample_email, "able to read sample email" ); ok( $sample_email =~ /\015\012/, "sample has proper line endings" ); $dkim->PRINT($sample_email); $dkim->CLOSE; my $result = $dkim->result; ok( $result, "result() works" ); SKIP: { skip "older-prestandard DKIM signatures", 5; test_email( "good_ietf00_1.txt", "pass" ); test_email( "good_ietf00_2.txt", "pass" ); test_email( "good_ietf00_3.txt", "pass" ); test_email( "good_ietf00_4.txt", "pass" ); test_email( "good_ietf00_5.txt", "pass" ); } test_email( "mine_ietf01_1.txt", "pass" ); test_email( "mine_ietf01_2.txt", "pass" ); test_email( "mine_ietf01_3.txt", "pass" ); test_email( "mine_ietf01_4.txt", "pass" ); test_email( "mine_ietf05_1.txt", "pass" ); test_email( "good_ietf01_1.txt", "pass" ); test_email( "good_ietf01_2.txt", "pass" ); test_email( "good_rfc4871_3.txt", "pass" ); # tests extra tags in signature test_email( "good_rfc4871_4.txt", "pass" ); # case-differing domain name test_email( "good_1878523.txt", "pass" ); # test issue #1878523 test_email( "good_83176.txt", "pass" ); # test issue #83176 test_email( "multiple_1.txt", "pass" ); test_email( "multiple_2.txt", "pass" ); my @sigs = $dkim->signatures; ok( $sigs[0]->result eq "invalid", "first signature is 'invalid'" ); ok( $sigs[1]->result eq "pass", "second signature is 'pass'" ); ok( $sigs[2]->result eq "fail", "third signature is 'fail'" ); test_email( "good_qp_1.txt", "pass" ); # tests i= quoted-printable value test_email( "good_qp_2.txt", "pass" ); # tests i= quoted-printable value test_email( "good_qp_3.txt", "pass" ); # tests i= quoted-printable value test_email( "bad_ietf01_1.txt", "fail" ); ok( $dkim->result_detail =~ /body/, "determined body had been altered" ); test_email( "bad_ietf01_2.txt", "fail" ); ok( $dkim->result_detail =~ /message/, "determined message had been altered" ); test_email( "bad_ietf01_3.txt", "fail" ); ok( $dkim->result_detail =~ /RSA/, "determined RSA failure" ); test_email( "bad_1.txt", "fail" ); #openssl error print "# " . $dkim->result_detail . "\n"; SKIP: { skip "did not recognize OpenSSL error", 1 unless ( $dkim->result_detail =~ /OpenSSL/i ); like( $dkim->result_detail, qr/OpenSSL/i, "determined OpenSSL error" ); } test_email( "bad_1878954.txt", "fail" ); # shouldn't die # test older DomainKeys messages, from Gmail and Yahoo! test_email( "good_dk_gmail.txt", "pass" ); test_email( "good_dk_yahoo.txt", "pass" ); test_email( "good_dk_1.txt", "pass" ); test_email( "good_dk_2.txt", "pass" ); test_email( "good_dk_3.txt", "pass" ); # key with g= tag (ident in From header) test_email( "good_dk_4.txt", "pass" ); # key with g= tag (ident in Sender head) test_email( "good_dk_5.txt", "pass" ); # key with empty g= test_email( "good_dk_6.txt", "pass" ); # no h= tag test_email( "good_dk_7.txt", "pass" ); # case-differing domain names test_email( "dk_headers_1.txt", "pass" ); test_email( "dk_headers_2.txt", "pass" ); test_email( "bad_dk_1.txt", "invalid" ) ; # sig. domain != From header (no Sender) test_email( "bad_dk_2.txt", "invalid" ); # added Sender header, no h= tag SKIP: { skip "missing q= tag on DomainKey signature accepted", 1; test_email( "bad_dk_3.txt", "invalid" ); # no q= tag } test_email( "bad_dk_4.txt", "invalid" ); # empty q= tag test_email( "bad_dk_5.txt", "invalid" ); # unrecognized q= tag test_email( "dk_multiple_1.txt", "pass" ); my @dksigs = $dkim->signatures; ok( @dksigs == 2, "found two signatures" ); ok( $dksigs[0]->result eq "pass", "first signature is 'pass'" ); ok( $dksigs[1]->result eq "pass", "second signature is 'pass'" ); # test empty/missing body - simple canonicalization test_email( "no_body_1.txt", "pass" ); test_email( "no_body_2.txt", "pass" ); test_email( "no_body_3.txt", "pass" ); # # test various problems with the signature itself # test_email( "ignore_1.txt", "invalid" ); # unsupported v= tag (v=5) test_email( "ignore_2.txt", "invalid" ); # unsupported a= tag (a=rsa-md5) test_email( "ignore_3.txt", "invalid" ); # unsupported a= tag (a=dsa-sha1) test_email( "ignore_4.txt", "invalid" ); # unsupported c= tag (c=future) test_email( "ignore_5.txt", "invalid" ); # unsupported q= tag (q=http) test_email( "ignore_6.txt", "invalid" ); # unsupported q= tag (q=dns/special) test_email( "ignore_7.txt", "invalid" ); # expired signature test_email( "ignore_8.txt", "invalid" ); # bad i= value # # test variants on the public key # test_email( "goodkey_1.txt", "pass" ); # public key with s=email test_email( "goodkey_2.txt", "pass" ) ; # public key with extra tags, h=, s=, etc. test_email( "goodkey_3.txt", "pass" ); # public key with g=jl*g test_email( "goodkey_4.txt", "pass" ); # public key with implied g # # test problems with the public key # test_email( "badkey_1.txt", "invalid" ); # public key NXDOMAIN ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_2.txt", "invalid" ); # public key REVOKED ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_3.txt", "invalid" ); # public key unsupported v= tag ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_4.txt", "invalid" ); # public key syntax error ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_5.txt", "invalid" ); # public key unsupported k= tag ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_6.txt", "invalid" ); # public key unsupported s= tag ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_7.txt", "invalid" ); # public key unsupported h= tag ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_8.txt", "invalid" ); # public key unmatched g= tag ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_9.txt", "invalid" ); # public key empty g= tag ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_10.txt", "invalid" ); # public key requires i == d ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_11.txt", "invalid" ); # public key unmatched h= tag ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_12.txt", "invalid" ); # public key g= != i= by case ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_13.txt", "invalid" ) ; # public key g= matches From but not i= ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); test_email( "badkey_14.txt", "invalid" ); # dns error (timeout) ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); ok( $dkim->result_detail =~ /dns.*timed? ?out/i, "type of dns failure" ); test_email( "badkey_15.txt", "invalid" ); # dns error (SERVFAIL) ok( $dkim->result_detail =~ /public key/, "detail mentions public key" ); ok( $dkim->result_detail =~ /dns.*SERVFAIL/i, "type of dns failure" ); sub read_file { my $srcfile = shift; open my $fh, "<", $srcfile or die "Error: can't open $srcfile: $!\n"; binmode $fh; local $/; my $content = <$fh>; close $fh; return $content; } sub test_email { my ( $file, $expected_result ) = @_; print "# verifying message '$file'\n"; $dkim = Mail::DKIM::Verifier->new(); my $path = "$homedir/corpus/$file"; my $email = read_file($path); $dkim->PRINT($email); $dkim->CLOSE; my $result = $dkim->result; print "# result: " . $dkim->result_detail . "\n"; ok( $result eq $expected_result, "'$file' should '$expected_result'" ); } # override the DNS implementation, so that these tests do not # rely on DNS servers I have no control over my $CACHE; sub Mail::DKIM::DNS::fake_query { my ( $domain, $type ) = @_; die "can't lookup $type record" if $type ne "TXT"; unless ($CACHE) { open my $fh, "<", "$homedir/FAKE_DNS.dat" or die "Error: cannot read $homedir/FAKE_DNS.dat: $!\n"; $CACHE = {}; while (<$fh>) { chomp; next if /^\s*[#;]/ || /^\s*$/; my ( $k, $v ) = split /\s+/, $_, 2; $CACHE->{$k} = ( $v =~ /^~~(.*)~~$/ ) ? "$1" : $v eq "NXDOMAIN" ? [] : [ bless \$v, "FakeDNS::Record" ]; } close $fh; } if ( not exists $CACHE->{$domain} ) { warn "did not cache that DNS entry: $domain\n"; print STDERR ">>>\n"; my @result = Mail::DKIM::DNS::orig_query( $domain, $type ); if ( !@result ) { print STDERR "No results: $@\n"; } else { foreach my $rr (@result) { # join with no intervening spaces, RFC 6376 if ( Net::DNS->VERSION >= 0.69 ) { # must call txtdata() in a list context printf STDERR ( "%s\n", join( "", $rr->txtdata ) ); } else { # char_str_list method is 'historical' printf STDERR ( "%s\n", join( "", $rr->char_str_list ) ); } } } print STDERR "<<<\n"; die; } if ( ref $CACHE->{$domain} ) { return @{ $CACHE->{$domain} }; } else { die "DNS error: $CACHE->{$domain}\n"; } } BEGIN { unless ( $ENV{use_real_dns} ) { *Mail::DKIM::DNS::orig_query = *Mail::DKIM::DNS::query; *Mail::DKIM::DNS::query = *Mail::DKIM::DNS::fake_query; } } package FakeDNS::Record; sub type { return "TXT"; } sub char_str_list { return ${ $_[0] }; } sub txtdata { return ${ $_[0] }; } Mail-DKIM-1.20200907/t/arc_test_suite/0000775000175000017500000000000013725344750015444 5ustar marcmarcMail-DKIM-1.20200907/t/arc_test_suite/arc-draft-sign-tests.yml0000644000175000017500000011421613725344750022133 0ustar marcmarcdescription: >- Canonicalization tests: message_body_eol_wsp: spec: 12/16 description: message body eol whitespace ignored message: | Authentication-Results: (testing) lists.example.org (test); arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Authentication-Results: Garbage Authentication-Results Header - SHOULD NOT PARSE MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass message_body_inl_wsp: spec: 12/16 description: message body inline whitespace reduced message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass message_body_end_lines: spec: 12/16 description: message body ignore trailing empty lines message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass message_body_trail_crlf: spec: 12/16 description: message body add crlf to end if na message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass headers_field_name_case: spec: 12/16 description: header field names case insensitive message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 FROM: John Q Doe to: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass headers_field_unfold: spec: 12/16 description: header message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass headers_eol_wsp: spec: 12/16 description: headers ignore eol whitespace message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass headers_inl_wsp: spec: 12/16 description: header reduce inline whitespace message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass headers_col_wsp: spec: 12/16 description: headers whitespace surrounding colon ignored message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass domain: example.org sel: dummy privatekey: | -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDkHlOQoBTzWRiGs5V6NpP3idY6Wk08a5qhdR6wy5bdOKb2jLQi Y/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lxj+PL6lHvqM KrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB AoGAH0cxOhFZDgzXWhDhnAJDw5s4roOXN4OhjiXa8W7Y3rhX3FJqmJSPuC8N9vQm 6SVbaLAE4SG5mLMueHlh4KXffEpuLEiNp9Ss3O4YfLiQpbRqE7Tm5SxKjvvQoZZe zHorimOaChRL2it47iuWxzxSiRMv4c+j70GiWdxXnxe4UoECQQDzJB/0U58W7RZy 6enGVj2kWF732CoWFZWzi1FicudrBFoy63QwcowpoCazKtvZGMNlPWnC7x/6o8Gc uSe0ga2xAkEA8C7PipPm1/1fTRQvj1o/dDmZp243044ZNyxjg+/OPN0oWCbXIGxy WvmZbXriOWoSALJTjExEgraHEgnXssuk7QJBALl5ICsYMu6hMxO73gnfNayNgPxd WFV6Z7ULnKyV7HSVYF0hgYOHjeYe9gaMtiJYoo0zGN+L3AAtNP9huqkWlzECQE1a licIeVlo1e+qJ6Mgqr0Q7Aa7falZ448ccbSFYEPD6oFxiOl9Y9se9iYHZKKfIcst o7DUw1/hz2Ck4N5JrgUCQQCyKveNvjzkkd8HjYs0SwM0fPjK16//5qDZ2UiDGnOe uEzxBDAr518Z8VFbR41in3W4Y3yCDgQlLlcETrS+zYcL -----END RSA PRIVATE KEY----- txt-records: dummy._domainkey.example.org: | v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQ oBTzWRiGs5V6NpP3idY6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzC Nb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lxj+PL6lHvqMKrM3rG4hstT5QjvH O9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Existant Seal Headers tests: i0_base: spec: 12/16 description: i=0 basic test message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass i1_base: spec: 12/16 description: i=1 basic test message: | Authentication-Results: lists.example.org; arc=pass; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=eEDEWXmmpxnX0f3j86ZGcurPDtlkx6oV3UzSv6ltqzJ4pTiScRA8F5nL+bd9anV5vXVnOC WYT1oCpveHVdtpSr52tWEO4RSx+eCUuFsvVHRyq7yM8Ex8v2xhaLWqNWvb7NH38LunxZfjV4 TuqD0pt+if/XL2X+ctewoCSAVDhT8=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12346 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=x034ccYUvVc2knPq/udF0XGqz2CNAfeXkWPu3M5ZTMwJv6zCHDhwct9nyvzT9dJYnDZPui Bo4U1Fn2puetTuljta5ESvvO+Ul/D1RInclDOMbK3VqabYYymMFTwVN49GfSB7pg+jaPi5lM kjXJH6cxtiA8gamCejS4wZxJRD/fs=; cv=pass; d=example.org; i=2; s=dummy; t=12346 AMS: | a=rsa-sha256; b=UaNJhLFAa56Gpc+wKk0SL2Jq/LJgT9CYSZl59wcGYkpG0D5bjhDdj3qers6hD+3BpljNgn mFxq8zWssoPon3ydvTSCSjVwPRNgLol9zBP+FZo/QGQQbj74ZcGv04jOVe8TKDTFSaVe41L7 mH16ZdoLgRdSa2Ys+p9f0+DVFYTO4=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=2; s=dummy; t=12346 AAR: | i=2; lists.example.org; arc=pass; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass i2_base: spec: 12/16 description: i=2 basic test message: | Authentication-Results: lists.example.org; arc=pass; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=rOfjske1NJtykYwgODc8BxJOW5Df1E2LLPasFXs0x00QIXX7SDUsEzD4u2IdtN0kNNJBPS IcfjOy4TaHEPkULPubiJG4fEx87iyAMCiVRraaMXabqxgg4IHpieNdl4tNMO1GkGHwG760+5 DmvXc4BINugnX66Z+sL0y0z3THR3A=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=UaNJhLFAa56Gpc+wKk0SL2Jq/LJgT9CYSZl59wcGYkpG0D5bjhDdj3qers6hD+3BpljNgn mFxq8zWssoPon3ydvTSCSjVwPRNgLol9zBP+FZo/QGQQbj74ZcGv04jOVe8TKDTFSaVe41L7 mH16ZdoLgRdSa2Ys+p9f0+DVFYTO4=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; arc=pass; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=eEDEWXmmpxnX0f3j86ZGcurPDtlkx6oV3UzSv6ltqzJ4pTiScRA8F5nL+bd9anV5vXVnOC WYT1oCpveHVdtpSr52tWEO4RSx+eCUuFsvVHRyq7yM8Ex8v2xhaLWqNWvb7NH38LunxZfjV4 TuqD0pt+if/XL2X+ctewoCSAVDhT8=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12347 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=qQunugdoVyNwoa2P4Lb6CBFCUqr4tY9cnCBE4s0/rH8EPwMxc1MwUMDNHRbQWcbDy1R/N8 VaNyCuyUAFw7R2n4iISalDgFm2neCyo4YEQ8EcMdNi3oTFewLC0d1n6APsQX8TiHbtq5jJsD YSk1xlys8Szgoc8H7dXffiQQlyhRI=; cv=pass; d=example.org; i=3; s=dummy; t=12347 AMS: | a=rsa-sha256; b=QmCd8uJdwnr6wMmniYA/VHCuWButAIlcPZSpNWvk8KHgTuFMZlCPQToT2qVpf2BUfdNpnC mSCED02aLfV6Grc6caqO4PIaxyu3Z+/HNxh0NugIW2JVHT1cZicWkwlgZa4V9i+CYFBAYmzb L0n4ibTxSX8XPxR9ffZdknwiLmYsA=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=3; s=dummy; t=12347 AAR: | i=3; lists.example.org; arc=pass; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass i1_base_fail: spec: 12/16 description: i=1 basic test with failing arc set message: | Authentication-Results: lists.example.org; arc=fail; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=fOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12346 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=1NUXYB6dkzvHNNuAxkPWkze6te3YkN29XbS1WtqXGPKmwZujBYH8Au3eMW+pKUnCFSK4Bj tyh0/cTU4jKwxE7sVnGV7BbwW8FdRsYSOgT5RCq3GBuWq5SAW5jDzTIoSMU5joN+jU55xw8a mcpcAZse7+iQbftRJflGDEyHZH8s4=; cv=fail; d=example.org; i=2; s=dummy; t=12346 AMS: | a=rsa-sha256; b=UaNJhLFAa56Gpc+wKk0SL2Jq/LJgT9CYSZl59wcGYkpG0D5bjhDdj3qers6hD+3BpljNgn mFxq8zWssoPon3ydvTSCSjVwPRNgLol9zBP+FZo/QGQQbj74ZcGv04jOVe8TKDTFSaVe41L7 mH16ZdoLgRdSa2Ys+p9f0+DVFYTO4=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=2; s=dummy; t=12346 AAR: | i=2; lists.example.org; arc=fail; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass i2_base_fail: spec: 12/16 description: i=1 basic test message: | Authentication-Results: lists.example.org; arc=fail; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=rOfjske1NJtykYwgODc8BxJOW5Df1E2LLPasFXs0x00QIXX7SDUsEzD4u2IdtN0kNNJBPS IcfjOy4TaHEPkULPubiJG4fEx87iyAMCiVRraaMXabqxgg4IHpieNdl4tNMO1GkGHwG760+5 DmvXc4BINugnX66Z+sL0y0z3THR3A=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=UaNJhLFAa56Gpc+wKk0SL2Jq/LJgT9CYSZl59wcGYkpG0D5bjhDdj3qers6hD+3BpljNgn mFxq8zWssoPon3ydvTSCSjVwPRNgLol9zBP+FZo/QGQQbj74ZcGv04jOVe8TKDTFSaVe41L7 mH16ZdoLgRdSa2Ys+p9f0+DVFYTO4=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; arc=pass; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=fOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.organ> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12347 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=P3oIsF0qE5VDD1XPP0oH5XkvpG20k9jmkREcWvi1I9uy6P4UP9Y7mVYTAsNdi8XOg+AMiG CT1CUTmR5+MyYC4mqFW6943PIyzDrDvhZb8DLoy5/tM2cztpSzS0SItqM2XRh0YGp0yMA1sz obc7WTpkgtqFz5beCQC/PjnQ3ZkRw=; cv=fail; d=example.org; i=3; s=dummy; t=12347 AMS: | a=rsa-sha256; b=QmCd8uJdwnr6wMmniYA/VHCuWButAIlcPZSpNWvk8KHgTuFMZlCPQToT2qVpf2BUfdNpnC mSCED02aLfV6Grc6caqO4PIaxyu3Z+/HNxh0NugIW2JVHT1cZicWkwlgZa4V9i+CYFBAYmzb L0n4ibTxSX8XPxR9ffZdknwiLmYsA=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=3; s=dummy; t=12347 AAR: | i=3; lists.example.org; arc=fail; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass no_additional_sig: spec: 12/16 description: if a chain is failing, dont add another set message: | Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=OrYKWzAKrroSe2lCeF+/5QJOSzJi/RSTggVcdINMmJ8TO8wfkRLaJkAnhLhNts5lnJIDI7 ZFUmsbtZ6ZhBK5l6WzaE5+iDofcUTjKMFw7keblIE6Frp8Evsb2ShKQZDIseXZxcNHr/Oz0t pSKS2JwAriD3rkXm6WVR0Jv+wDFQo=; cv=fail; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=UaNJhLFAa56Gpc+wKk0SL2Jq/LJgT9CYSZl59wcGYkpG0D5bjhDdj3qers6hD+3BpljNgn mFxq8zWssoPon3ydvTSCSjVwPRNgLol9zBP+FZo/QGQQbj74ZcGv04jOVe8TKDTFSaVe41L7 mH16ZdoLgRdSa2Ys+p9f0+DVFYTO4=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ARC-Seal: a=rsa-sha256; b=fOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12346 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | AMS: | AAR: | ar_merged1: spec: 12/16 description: i=0 basic test message: | Authentication-Results: lists.example.org; arc=none Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example Authentication-Results: lists.example.org; dkim=pass (1024-bit key) header.i=@d1.example Authentication-Results: lists.example.org; dmarc=pass Authentication-Results: nobody.example.org; something=ignored MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ar_merged2: spec: 12/16 description: i=0 basic test message: | Authentication-Results: lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example Authentication-Results: lists.example.org; dkim=pass (1024-bit key) header.i=@d1.example Authentication-Results: lists.example.org; dmarc=pass Authentication-Results: nobody.example.org; something=ignored MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass domain: example.org sel: dummy privatekey: | -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDkHlOQoBTzWRiGs5V6NpP3idY6Wk08a5qhdR6wy5bdOKb2jLQi Y/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lxj+PL6lHvqM KrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB AoGAH0cxOhFZDgzXWhDhnAJDw5s4roOXN4OhjiXa8W7Y3rhX3FJqmJSPuC8N9vQm 6SVbaLAE4SG5mLMueHlh4KXffEpuLEiNp9Ss3O4YfLiQpbRqE7Tm5SxKjvvQoZZe zHorimOaChRL2it47iuWxzxSiRMv4c+j70GiWdxXnxe4UoECQQDzJB/0U58W7RZy 6enGVj2kWF732CoWFZWzi1FicudrBFoy63QwcowpoCazKtvZGMNlPWnC7x/6o8Gc uSe0ga2xAkEA8C7PipPm1/1fTRQvj1o/dDmZp243044ZNyxjg+/OPN0oWCbXIGxy WvmZbXriOWoSALJTjExEgraHEgnXssuk7QJBALl5ICsYMu6hMxO73gnfNayNgPxd WFV6Z7ULnKyV7HSVYF0hgYOHjeYe9gaMtiJYoo0zGN+L3AAtNP9huqkWlzECQE1a licIeVlo1e+qJ6Mgqr0Q7Aa7falZ448ccbSFYEPD6oFxiOl9Y9se9iYHZKKfIcst o7DUw1/hz2Ck4N5JrgUCQQCyKveNvjzkkd8HjYs0SwM0fPjK16//5qDZ2UiDGnOe uEzxBDAr518Z8VFbR41in3W4Y3yCDgQlLlcETrS+zYcL -----END RSA PRIVATE KEY----- txt-records: dummy._domainkey.example.org: | v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQ oBTzWRiGs5V6NpP3idY6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzC Nb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lxj+PL6lHvqMKrM3rG4hstT5QjvH O9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB Mail-DKIM-1.20200907/t/arc_test_suite/unused_tests.yml0000644000175000017500000003355513725344750020725 0ustar marcmarcdescription: >- Signed Headers tests: header_order: spec: 12/16 description: sig header order respected message: | Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: to:from:date:subject:mime-version srv-id: lists.example.org AS: | a=rsa-sha256; b=gqSUpDYP3LzkxM6XeTjPlN5++ktIxy34FnYjEADeY+FQ/d+V3SoNBx9yLN+FVAsJCxblCS KUasBYrFqVq40SgVCSHrwnUYZ4mckNlNn+Hy6KEtS5hS/tEzZTW3y9hAPBJWdUyAUKiKIVq8 V4Gq6yM5QKDu4Yq3D4PwgNjh76iH8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=2o+Wl1gzbDmg4Hv5q52M7V+E6KBhMISVmqTDrk1HfOgMJwJ+0v8Nl18EjbL+iOTu6Vxz9+ 1m64cPsNr1Tgm79jjqugOKDI/yaU7h4DaFMmN54tGX8j1ElMXSl8ghcfaknApLU060vKVUoo F2GfD1qo+SSox3wkZNkPQdGKjNmQM=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=to:from:date:subject:mime-version; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass header_dup_ord1: spec: 12/16 description: duplicated header, order 1 message: | Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: denna@dmarc.org To: auri@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=3LFkLFLW8xkBFnaTFs2EGa5WBUfAsUOw63TNwfqAqmWYTzDfw4Ns2yZWNEZE8ORQgj12en FqKOU1u8MU/LgbzV55tKahhLKXSJ0wND5ruQNMZv2ls44a/Zyy0fbh4t29kZ7K6eHSQMStUz YbCAdAklVigKcjq1g5kMdHgD8IxMc=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=UQp6p9TvTDEpkBB1zIsA/94TszxBvWWnFm+nHLbyrjLhiKZ9VZtZI2QEPVs/0IaTJxsGmq pChiXJwj8epXN1oJDjO+XBlSCKoTWZTeKC0MbJ07kpm7viFhSu0qpF83k1f5Ej9jf84D2wLt zb7hgnWi24ielL6FzGN+H8buVhbbU=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass header_dup_ord2: spec: 12/16 description: duplicated headers order 2 message: | Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: auri@dmarc.org To: denna@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=vXHsq4WbXJfOcQXeT+h35Ordn3oPZJ4b2yepw7IgrK7ThUlMw+XpGwUIvMWRspb8f5PFfu j13gjWHhQm3ZsZQdk3PAv2GOo7CCUc4kBz3zdS+F2TC3w7FAGUZwy1ydCTZepUYn9RwR9oWP tt6O0a6ANufAzQVFcLmqdRkw+tbQ4=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=tzFfrmm/eb6MujohtiI1VKBx7SEGIVT2zCHGo77GhZy0Gd2REEqYwvhJ7ZDekKHEu+jVts blyQisci9KYyzDryanja8kMi2caTy9yPiBTVW35xMGARfYXtTaJQxBuWB80NUrjb5+85LeKL HxfWNYzxJrLV2qStteu5VvHxt1DQY=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass sig_header_dup_once: spec: 12/16 description: duplicated sig headers included once message: | Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: auri@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: from:to:to:date:subject:mime-version srv-id: lists.example.org AS: | a=rsa-sha256; b=HRFn5t4mnwZk6QjeABaOpy8rWHObzqW407UbA+Hup1O37WoadkxzY22uXQCn7VHKqRsUIS Z+vtADFY+JuzbY7yqrXB8nUS/P6R6o+j9E7w4WzGxqUlmqFH17e3g1cVRHEVcQlpliC9TO+/ bf/x9ZlBuEeJUccbVQ8VuM18APsE4=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=b8D7xpSlIiWdOASTSGyWAa087zocte5WTUPaqytU+mXkhpeq2vU7yXXy42HFS8/yhsWpVw ft84uE9xEhixVzimMRjBSpAiFOIFjCWZuWVWBT9pG2xc9WJgx4wQbLJZJYxLcbdyEbluygRw mDtIWbZGrPDGtyydARp2pkNchs/Bo=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:to:date:subject:mime-version; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass sig_header_dup_twice: spec: 12/16 description: duplicated sig headers included twice message: | Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: denna@dmarc.org To: auri@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: from:to:to:date:subject:mime-version srv-id: lists.example.org AS: | a=rsa-sha256; b=gCtozfvMLQiP1NzMXNut15V/ePTArlVx0staLbIUz6rOHDFIYMDOZri4+JYoZNNcKjdR+o XQ+Gm/EDaOIaMBpwpoYzESHnrL8cIRe3NwxhtL2JoUIQ79eCEhaG5Gq7qurpoEV6Ddkz121w EtROCfRcIPOxDKoiKQyVhNVCc0xxM=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=M/o4ghtato9MEIyTyq6fNs8dRjo5k4okyohLu63KcHQBI6boSCh6wM/pul1vuQgEXfP4nr 3jyYGFYRoPvbtLfBCnu0Gk9wTrhnCYc5RiU19tmR/dIHzKieA4dKfsSDi5EgoRehalYQl3KS Ly9SfIyosh5bimh3sapFW0JSYD+ko=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:to:date:subject:mime-version; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass header_non: spec: 12/16 description: non existant headers signed message: | Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: from:to:&&&:date:subject:mime-version srv-id: lists.example.org AS: | a=rsa-sha256; b=4TsoQ6lkx+J+Nflw4uENH/jX7Q/P9M/FsbxU1Itd+/xvZUnOj0lHc+F3Hma0SGLhHZukuy ah/nEo11PDxbNgDcPib0jqvJuQ6zA7RnOOUkK7On9rKSSOe7bjlKjqC4zfiLx0R8BsiVlMnE 694u2tZb1YxM+sjg7yabdSzsMhrUg=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=yTqa80O9qaHqm3FQ9XdtZMjW8zSCB5wCrlAIuCtWnMEevkKQUJf6alnMdXIg5TXhr2+3uZ dnbrMF+c11EwtBopG0qd/9BSrzLL65YmLFKhe0dSsFPhKOvw3yoDwk8gaE3AnnHRsPnHDWwr QmDiYbjfMOQMp4KcdGfI5JJtw+d64=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:&&&:date:subject:mime-version; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass domain: example.org sel: dummy privatekey: | -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDkHlOQoBTzWRiGs5V6NpP3idY6Wk08a5qhdR6wy5bdOKb2jLQi Y/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lxj+PL6lHvqM KrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB AoGAH0cxOhFZDgzXWhDhnAJDw5s4roOXN4OhjiXa8W7Y3rhX3FJqmJSPuC8N9vQm 6SVbaLAE4SG5mLMueHlh4KXffEpuLEiNp9Ss3O4YfLiQpbRqE7Tm5SxKjvvQoZZe zHorimOaChRL2it47iuWxzxSiRMv4c+j70GiWdxXnxe4UoECQQDzJB/0U58W7RZy 6enGVj2kWF732CoWFZWzi1FicudrBFoy63QwcowpoCazKtvZGMNlPWnC7x/6o8Gc uSe0ga2xAkEA8C7PipPm1/1fTRQvj1o/dDmZp243044ZNyxjg+/OPN0oWCbXIGxy WvmZbXriOWoSALJTjExEgraHEgnXssuk7QJBALl5ICsYMu6hMxO73gnfNayNgPxd WFV6Z7ULnKyV7HSVYF0hgYOHjeYe9gaMtiJYoo0zGN+L3AAtNP9huqkWlzECQE1a licIeVlo1e+qJ6Mgqr0Q7Aa7falZ448ccbSFYEPD6oFxiOl9Y9se9iYHZKKfIcst o7DUw1/hz2Ck4N5JrgUCQQCyKveNvjzkkd8HjYs0SwM0fPjK16//5qDZ2UiDGnOe uEzxBDAr518Z8VFbR41in3W4Y3yCDgQlLlcETrS+zYcL -----END RSA PRIVATE KEY----- txt-records: dummy._domainkey.example.org: | v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQ oBTzWRiGs5V6NpP3idY6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzC Nb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lxj+PL6lHvqMKrM3rG4hstT5QjvH O9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Authentication Results tests: ar_merge: spec: 12/16 description: AR header merging message: | Authentication-Results: lists.example.org; arc=none Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. t: 12345 sig-headers: mime-version:date:from:to:subject srv-id: lists.example.org AS: | a=rsa-sha256; b=Pg8Yyk1AgYy2l+kb6iy+mY106AXm5EdgDwJhLP7+XyT6yaS38ZUho+bmgSDorV+LyARH4A 967A/oWMX3coyC7pAGyI+hA3+JifL7P3/aIVP4ooRJ/WUgT79snPuulxE15jg6FgQE68ObA1 /hy77BxdbD9EQxFGNcr/wCKQoeKJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 AMS: | a=rsa-sha256; b=XWeK9DxQ8MUm+Me5GLZ5lQ3L49RdoFv7m7VlrAkKb3/C7jjw33TrTY0KYI5lkowvEGnAtm 5lAqLz67FxA/VrJc2JiYFQR/mBoJLLz/hh9y77byYmSO9tLfIDe2A83+6QsXHO3K6PxTz7+v rCB4wHD9GADeUKVfHzmpZhFuYOa88=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=mime-version:date:from:to:subject; i=1; s=dummy; t=12345 AAR: | i=1; lists.example.org; arc=none; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass domain: example.org sel: dummy privatekey: | -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDkHlOQoBTzWRiGs5V6NpP3idY6Wk08a5qhdR6wy5bdOKb2jLQi Y/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lxj+PL6lHvqM KrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB AoGAH0cxOhFZDgzXWhDhnAJDw5s4roOXN4OhjiXa8W7Y3rhX3FJqmJSPuC8N9vQm 6SVbaLAE4SG5mLMueHlh4KXffEpuLEiNp9Ss3O4YfLiQpbRqE7Tm5SxKjvvQoZZe zHorimOaChRL2it47iuWxzxSiRMv4c+j70GiWdxXnxe4UoECQQDzJB/0U58W7RZy 6enGVj2kWF732CoWFZWzi1FicudrBFoy63QwcowpoCazKtvZGMNlPWnC7x/6o8Gc uSe0ga2xAkEA8C7PipPm1/1fTRQvj1o/dDmZp243044ZNyxjg+/OPN0oWCbXIGxy WvmZbXriOWoSALJTjExEgraHEgnXssuk7QJBALl5ICsYMu6hMxO73gnfNayNgPxd WFV6Z7ULnKyV7HSVYF0hgYOHjeYe9gaMtiJYoo0zGN+L3AAtNP9huqkWlzECQE1a licIeVlo1e+qJ6Mgqr0Q7Aa7falZ448ccbSFYEPD6oFxiOl9Y9se9iYHZKKfIcst o7DUw1/hz2Ck4N5JrgUCQQCyKveNvjzkkd8HjYs0SwM0fPjK16//5qDZ2UiDGnOe uEzxBDAr518Z8VFbR41in3W4Y3yCDgQlLlcETrS+zYcL -----END RSA PRIVATE KEY----- txt-records: dummy._domainkey.example.org: | v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQ oBTzWRiGs5V6NpP3idY6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzC Nb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lxj+PL6lHvqMKrM3rG4hstT5QjvH O9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB Mail-DKIM-1.20200907/t/arc_test_suite/LICENSE.txt0000644000175000017500000000203713725344750017267 0ustar marcmarcCopyright <2017> ValiMail Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Mail-DKIM-1.20200907/t/arc_test_suite/arc-draft-validation-tests.yml0000644000175000017500000133774613725344750023345 0ustar marcmarcdescription: >- Chain Validation tests: cv_empty: spec: 12/16 description: empty message message: | cv: None cv_no_headers: spec: 12/16 description: message with no headers message: | Hey gang, This is a test message. --J. cv: None cv_no_body: spec: 12/16 description: message with no body message: | MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 cv: None cv_base1: spec: 12/16 description: base test message1 message: | MIME-Version: 1.0 Return-Path: Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: None cv_base2: spec: 12/16 description: base test message2 message: | MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Tue, 3 Jan 2017 12:31:41 -080 From: John Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: None cv_pass_i1_1: spec: 12/16 description: passing message i=1 base1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass cv_pass_i1_2: spec: 12/16 description: passing message i=1 base2 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass cv_pass_i2_1: spec: 12/16 description: passing message i=2 base1 message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=IAqZJ5HwfNxxsrn9R4ayQgiu9RibPKEUVevbt7XFTkSh1baJ533D2Z6IZ2NaBreUhDBb2e K9Gtcv+eyUhWkD8VTmE6fq/F8CDIK3ScIiJykF8hNL1wpa/mGwWWwBnkozIJGAbTAAX7AgnH knAehnSW99TeU0lmib0XmOt4TN3sY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass cv_pass_i2_2: spec: 12/16 description: passing message i=2 base2 message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=CiZp+ZloBeWiIyjY+Eq0lKt20KQDF3QIJNw7+/jdjtQ1XTSMhHsli7H/ocIXsiU/kLF5pn pABQiZPvAWfCaEcCA9lyb/7i3q2i72GLdK1vdrdD2nIM5e7L3u/5Z56SJdKTu46SyoFQve9b Cp7qoQB9/TUTxxvkDoapsSjDCDqZ0=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=A2OCip1Cf9z6X7ML9/bRajnToeCD3H7IkP7YqmSKqDtn8Yu8oaJdwP0lZfCTjX++Qas9nj tGWMojFpj8Wd2rzdyMXwUWF3xlcFBD2gApO9xbehIASIF4lFQMyP6D80LjsjdtpstgwGZl9P y6WTyD1Kw/bNPZadxvNeDg3LVcQpo=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass cv_pass_i2_1_ams1_invalid: spec: 12/16 description: i=2 base1 modified from header, ams(1) no longer valid message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=TKrRvbWMQbGHGQSIMlStVE/2vKjY5E8kVSSXJmEyOL1OjexNoNSfnYpjklVVaG9O4Hsbc5 ZEbLSkpDIOKlnb+XlLNL5xvYntBNamjtH0e9et3DpyPQUIZ2gyZsuFwPzN/m96BU5iv+blU0 XLjgABkBLyfaFlEPsQ0SUs8gZjM7Y=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=ZFJ9p6LT/KerwWPXp+WzznYAbt+cF4R/3l5nfSeNZSi38hhtpLkoJi/2R1FXdnnznKa3mQ gk3WCEaxLNmHEl90TDHGL5vhViJ57OSS0X7ZgyKzZrNbVSDYj416pFR356MMXdaV8WVq9mD4 yATaaWBkVi8eOh287Qbqj0k93H/+U=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass cv_pass_i3_1: spec: 12/16 description: passing message i=3 base1 message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=EcI6PD1XFx7uTngsG2JZQzTaAyhIGafcKJO+aTb4+PV1QKFHrLLrSv++W872urw2WnEsWJ Hs+YPSVbRGJXbHp4rSM0VasdFb6lf2UUJf8Lxy17f3CzqQQz5CGMO++75t+cManzaOmnjq/Z gGaqK7euJwWo6hzF3pNZYdTJ6JZOo=; cv=pass; d=example.org; i=3; s=dummy; t=12347 ARC-Message-Signature: a=rsa-sha256; b=FEp53xrAEL1qQfytTEmR+Lp/ZpX4bXQvtj/peHauDtix/tlBN2v841lm72vOjK6WfqGB4E X/9vRfV7ZiSRMFvXAWlnDKw5wzoZFyQ3xebnvqraYnq9OA1CrDIFQVLqqGIaZrcZ+fTXt7Kp TBMU/BzIBERwfWXqBG1DqZGYXrHFw=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=3; s=dummy; t=12347 ARC-Authentication-Results: i=3; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 15:38:12 -0800 (PST) ARC-Seal: a=rsa-sha256; b=IAqZJ5HwfNxxsrn9R4ayQgiu9RibPKEUVevbt7XFTkSh1baJ533D2Z6IZ2NaBreUhDBb2e K9Gtcv+eyUhWkD8VTmE6fq/F8CDIK3ScIiJykF8hNL1wpa/mGwWWwBnkozIJGAbTAAX7AgnH knAehnSW99TeU0lmib0XmOt4TN3sY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass cv_pass_i4_1: spec: 12/16 description: passing message i=4 base1 message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=lf+5z/QtA3SZRY8Bz60La2HmprfbE1Q2vUmiP/4Db3Ma3KqpZmnS9/d/wDr3dXgC0TpT4X +bUAQ0iK2hWXtvr9bfs0x7s2skzdyeX/Zzvin2NE/a0uhxIOMfO6Fqcr8YNT9hKQa4qHJxE/ Qpr0aO4ypt+tGkNHf+4gCLoDWss0M=; cv=pass; d=example.org; i=4; s=dummy; t=12348 ARC-Message-Signature: a=rsa-sha256; b=aqlCYqV7+A1U0pg3Fc3WayaB8cQOH2QBEbwqzJ82ghIERQnLAPMXKR/LfUo27lNbLi+Hfs wo3ZOCJOoaC6kvHpMTmgOdq1SWBgl4WjwDhVXSarxZS40HxzF25Gi2O1jn0ke7vj1IyKceiF 9W6deMSsxrlDqD+1Bas4XUfFeC03M=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=4; s=dummy; t=12348 ARC-Authentication-Results: i=4; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ARC-Seal: a=rsa-sha256; b=EcI6PD1XFx7uTngsG2JZQzTaAyhIGafcKJO+aTb4+PV1QKFHrLLrSv++W872urw2WnEsWJ Hs+YPSVbRGJXbHp4rSM0VasdFb6lf2UUJf8Lxy17f3CzqQQz5CGMO++75t+cManzaOmnjq/Z gGaqK7euJwWo6hzF3pNZYdTJ6JZOo=; cv=pass; d=example.org; i=3; s=dummy; t=12347 ARC-Message-Signature: a=rsa-sha256; b=FEp53xrAEL1qQfytTEmR+Lp/ZpX4bXQvtj/peHauDtix/tlBN2v841lm72vOjK6WfqGB4E X/9vRfV7ZiSRMFvXAWlnDKw5wzoZFyQ3xebnvqraYnq9OA1CrDIFQVLqqGIaZrcZ+fTXt7Kp TBMU/BzIBERwfWXqBG1DqZGYXrHFw=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=3; s=dummy; t=12347 ARC-Authentication-Results: i=3; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 15:38:12 -0800 (PST) ARC-Seal: a=rsa-sha256; b=IAqZJ5HwfNxxsrn9R4ayQgiu9RibPKEUVevbt7XFTkSh1baJ533D2Z6IZ2NaBreUhDBb2e K9Gtcv+eyUhWkD8VTmE6fq/F8CDIK3ScIiJykF8hNL1wpa/mGwWWwBnkozIJGAbTAAX7AgnH knAehnSW99TeU0lmib0XmOt4TN3sY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass cv_pass_i5_1: spec: 12/16 description: passing message i=5 base1 message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=0Kw2RaoquhI2id5WxefhIq+DMaZGXa0iEtjT7oRpCpLhLxH0sofldiwSpVJMh1qZo5k7pk JW/uah4CWdln95BAm3AikTH7Bu0gM6To4qzCgFKulTbnvRK3Q7jT4xflPf8M4PAkw3OAN2+k d4dsvyOoo3ait+oNeXyFAEuZ4RoD8=; cv=pass; d=example.org; i=5; s=dummy; t=12349 ARC-Message-Signature: a=rsa-sha256; b=j50SIOsFwO/hXR//iEpwzqDIVtC4qwIdReAesDFZaTvfxzYB6TshuR7u7LqE8PjsUNz6CX urhvUkCOMGi2q9vQn3lqh67m3roWzIPivbUDoO0KAd9FghBI3QKbQAJe85gV7jbaTsURM9WZ ygbRURxwTz42PatPu9LNGo2QUwaNU=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=5; s=dummy; t=12349 ARC-Authentication-Results: i=5; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ARC-Seal: a=rsa-sha256; b=lf+5z/QtA3SZRY8Bz60La2HmprfbE1Q2vUmiP/4Db3Ma3KqpZmnS9/d/wDr3dXgC0TpT4X +bUAQ0iK2hWXtvr9bfs0x7s2skzdyeX/Zzvin2NE/a0uhxIOMfO6Fqcr8YNT9hKQa4qHJxE/ Qpr0aO4ypt+tGkNHf+4gCLoDWss0M=; cv=pass; d=example.org; i=4; s=dummy; t=12348 ARC-Message-Signature: a=rsa-sha256; b=aqlCYqV7+A1U0pg3Fc3WayaB8cQOH2QBEbwqzJ82ghIERQnLAPMXKR/LfUo27lNbLi+Hfs wo3ZOCJOoaC6kvHpMTmgOdq1SWBgl4WjwDhVXSarxZS40HxzF25Gi2O1jn0ke7vj1IyKceiF 9W6deMSsxrlDqD+1Bas4XUfFeC03M=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=4; s=dummy; t=12348 ARC-Authentication-Results: i=4; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ARC-Seal: a=rsa-sha256; b=EcI6PD1XFx7uTngsG2JZQzTaAyhIGafcKJO+aTb4+PV1QKFHrLLrSv++W872urw2WnEsWJ Hs+YPSVbRGJXbHp4rSM0VasdFb6lf2UUJf8Lxy17f3CzqQQz5CGMO++75t+cManzaOmnjq/Z gGaqK7euJwWo6hzF3pNZYdTJ6JZOo=; cv=pass; d=example.org; i=3; s=dummy; t=12347 ARC-Message-Signature: a=rsa-sha256; b=FEp53xrAEL1qQfytTEmR+Lp/ZpX4bXQvtj/peHauDtix/tlBN2v841lm72vOjK6WfqGB4E X/9vRfV7ZiSRMFvXAWlnDKw5wzoZFyQ3xebnvqraYnq9OA1CrDIFQVLqqGIaZrcZ+fTXt7Kp TBMU/BzIBERwfWXqBG1DqZGYXrHFw=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=3; s=dummy; t=12347 ARC-Authentication-Results: i=3; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 15:38:12 -0800 (PST) ARC-Seal: a=rsa-sha256; b=IAqZJ5HwfNxxsrn9R4ayQgiu9RibPKEUVevbt7XFTkSh1baJ533D2Z6IZ2NaBreUhDBb2e K9Gtcv+eyUhWkD8VTmE6fq/F8CDIK3ScIiJykF8hNL1wpa/mGwWWwBnkozIJGAbTAAX7AgnH knAehnSW99TeU0lmib0XmOt4TN3sY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass cv_fail_i1_ams_na: spec: 12/16 description: failing message i=i no ams message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i1_ams_invalid: spec: 12/16 description: failing message i=i invalid ams message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is an invalid test message. --J. cv: Fail cv_fail_i1_as_na: spec: 12/16 description: failing message i=i no as message: | MIME-Version: 1.0 Return-Path: ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i1_as_pass: spec: 12/16 description: failing message i=i as cv=Pass message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=PhxOTCxMOzOkfccg/YXFn+e5FdMyjQK+QXNt9lYytimVUpntsBbAAtBQT5XgYQDRsM3YR+ vBsf1oJ+kL221cv9qQWYUC3DP3xaE0nZ3vjNR1+//uZpMcTT3k6NYZnlzexAzYMoXByQkrS6 0Om4kNir1fUo5SOlGXpXf8NRSmU70=; cv=pass; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i1_as_cv_fail: spec: 12/16 description: failing message i=i as cv=fail message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=wddf4DzBcl11ICrYWjYC78s246KGCG4D3XBmouE2PVdLr4LWqyTWTQDvZ7TWrtEDkRsmz+ wbaMVAWdj2XgewkwQu5qxQ82D5dGiLcNQXfQDRbd8dO1+PZVWlw0wmeM7nRhNb/5tT0BvNQO xrrb4oEs4LIFDNYtKgTvCMyCVLzuw=; cv=fail; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: | cv_fail_i1_as_invalid: spec: 12/16 description: failing message i=i invalid as b= message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=OdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_ams_na: spec: 12/16 description: i=2 base1 missing AMS(2) message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=IAqZJ5HwfNxxsrn9R4ayQgiu9RibPKEUVevbt7XFTkSh1baJ533D2Z6IZ2NaBreUhDBb2e K9Gtcv+eyUhWkD8VTmE6fq/F8CDIK3ScIiJykF8hNL1wpa/mGwWWwBnkozIJGAbTAAX7AgnH knAehnSW99TeU0lmib0XmOt4TN3sY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_ams_invalid: spec: 12/16 description: i=2 base1 AMS(2) invalid message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=jsR4La5CWj4665VQZEjoLgxdNhdaE1mZFpkL8jsfEm938sd9TWr/keRkfZQaRFLuFjTxI4 vg8/D4bUx3UW0G6CngHmcx0kBi375aRfxmD5ad+esDyc5Dw/s6GapOpb4JFrss1n6x4MGOtY GQAQi7b0FPUdlXVbKQYIQovi7ZjGU=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=CnX/07HnYNoqdjrn4mE9if486SWqYAytX0weObYC+UCp+ht1qId6MPsQa3QWSWZt3buX+E kCwFMMfnBeo1gQ9rPfPEcQtUI5/3D/RYqtBmaZTP1Vpcgj5qw3mQxNJJh0kl57z5holdQ5I0 g0S02+/k61c6cJzmoDKYsQP/VjebI=; bh=invalid; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_as2_na: spec: 12/16 description: i=2 base1 AS(1) NA message: | MIME-Version: 1.0 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_as2_invalid: spec: 12/16 description: i=2 base1 AS(2) invalid message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=JAqZJ5HwfNxxsrn9R4ayQgiu9RibPKEUVevbt7XFTkSh1baJ533D2Z6IZ2NaBreUhDBb2e K9Gtcv+eyUhWkD8VTmE6fq/F8CDIK3ScIiJykF8hNL1wpa/mGwWWwBnkozIJGAbTAAX7AgnH knAehnSW99TeU0lmib0XmOt4TN3sY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_as2_none: spec: 12/16 description: i=2 base1 cv2=none message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=o0fxNS9D87SVRYy2tkq7rXntZWYLuInRCzW2Jx9U8Px0XEGyD4SdwRIpS+RJ4qK6ufvuuc qYLmF9M9aV0tvbe8mp78+qhN8RImVPehz6AFPY7NGy563MQDPDAynBWQyp4EXodlmmzQoEGB iMar9e9AuWSwyAok1BDkUFsajLRIA=; cv=none; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_as2_fail: spec: 12/16 description: i=2 base1 cv2=fail message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=1mXrddJKGqZTDDgnoDP1IYTu5g4ij0kxFZ8dSsSjo13+vDuoBEa4aKbYWlG4Ij2IAwjaLR CDYddDXDBZ5Cpnzrq7fDSVmmUhwQanAAd9aah4TpZeervt3/tOqFnpckUtOus1hq9yr5lvLA 1umDZf50sOb6AygAm/k8xCco9rDp0=; cv=fail; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: | cv_fail_i2_as1_na: spec: 12/16 description: i=2 base1 as(1) not available message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=1JtiDdajC4yqlIqokR/uaPI/KdST9EsS2oPhDdQAe4E96IXwQwkgRZLJF9OODSux9JCWXh Z/sCh3yLmcTOKPuBQAwtAfll+PUePsuHh0gRYECVIkY3bGfAr+3hVdrmNpr7B6/Zcq8mjQEt u/5q+XkkocYaUxT+ODnGGHwMI/8Q8=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_as1_invalid: spec: 12/16 description: i=2 base1 as(1) invalid message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=gifscOcADiR9JpJLFaCULS2DPnnk89AxF3tIfanEQV5PQWJvRSWrDs8hMwLDdDDZRKBWNq I1+lBro3Nd9RmUt6YsMNdGYK7XIG5ME9FwamoqqFxq++1jST6wg1gS1YrFExuHreNlICZ9yT xSmufAj9mJS2CLuOxYh6YIo6bHj1Q=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=OdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_as1_pass: spec: 12/16 description: i=2 base1 as(1) cv=pass message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=1p687XiKxG2/cjtpO3A+Qkt/B7Q49iMgcq1CutOBxLs2TXcO5CUozwxFbY9YvEaOyXxf6Q EnSvZ4UpYIkKGNrm0PLSbgI0y3cY4Waa/fFlT+/7oJUQmsnN8MreOfcHZRpGrSRU6bu5uOyp 5mSlxgTwnti4Ua4vAjl+ayFOn0hC0=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=PhxOTCxMOzOkfccg/YXFn+e5FdMyjQK+QXNt9lYytimVUpntsBbAAtBQT5XgYQDRsM3YR+ vBsf1oJ+kL221cv9qQWYUC3DP3xaE0nZ3vjNR1+//uZpMcTT3k6NYZnlzexAzYMoXByQkrS6 0Om4kNir1fUo5SOlGXpXf8NRSmU70=; cv=pass; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail cv_fail_i2_as1_fail: spec: 12/16 description: i=2 base1 as(1) cv=fail message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=uMD7AJfyGb+OHxrGSOB3Vbt7nBnEZn0RMBoq8GgyRbz4Xar+BmAIR766rEvlwgLkkKU21u GY8S0HK2GgR5lhpcrezkwD9/L+bfe7uyuFDrr4b50mt4oI9FTfwR0MuHpW91gAvR4ZYnwTRy PoMy3AaapPFnlY38n+HjseH0JACTo=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=wddf4DzBcl11ICrYWjYC78s246KGCG4D3XBmouE2PVdLr4LWqyTWTQDvZ7TWrtEDkRsmz+ wbaMVAWdj2XgewkwQu5qxQ82D5dGiLcNQXfQDRbd8dO1+PZVWlw0wmeM7nRhNb/5tT0BvNQO xrrb4oEs4LIFDNYtKgTvCMyCVLzuw=; cv=fail; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: | txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- AMS Set Structure tests: ams_struct_i_na: description: AMS i= NA message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=UeCu1SBJupH/8Xp4vCLTNWJAvhmj7xgawvWq/GsnIiqXrrYVg/OvwcqGqGD1kNZHWvZuXH W0AIl1z/3vycIGYQdrT22+oy/s0bJjHhcHQWo2iZt/4mP094fecbT/soJv6mERLw74pRwkei /skva76UKGLq1xHXzvQkew5RwhgMo=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=mmLqaSDJ2CFu1lXO7s26aXT3MrFC1pfi9ZjuVysKjleXUX3N1+pX+GchfuzHniUGpuQQRQ 1J7CL7EG6Rd8SzWIM3ghBfhN+G6jjXzv+uVtm89kbNodrVZ1mVtEtUoEo/8BvOCfeNotyGyj NyHGzPyAc+kv/zimFml7MKn2By4KI=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_struct_i_empty: description: AMS i= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=Je7FiPu5s4SChzn1rIOwQd9kAjZodFrZwqsoomdw0TGZsQbL2djL2E160MND7eGKIRe1IP hu0WqhhZ3OD9LGFa/JUOoSeTgTA+kGx0Acan9wp+ksw9UeCLtpmRs00FOYiHe4mpl8i1QLVG aLcewyizL1HdM1U3N+S+eeOzBtdwk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=l3O/xWb0Bu0DKaKiwlQrD85VsESQyWPV6fS5r9fou680YgQGIk8ycfBXt0kJLKMf6I7gtC AZZ3eypnAjIqiP1o3QNaajeicN5str9K+miibqwANe0/SIPR4/fOqs5oS8/9309wzwqPflUt nL5/nuDJt/5KHqXc2jMw8GZfdAf7M=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_struct_i_zero: description: AMS i= zero message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=1BHrrrHUNLNWyocFdPKW6qGOt7Y3TaD8n0pI4pVOKi9hfRljZKQ3xENWzYCPNXiwp9p0ww gOt2mC/YtjrGCi+Yco4DoStThYcEkoXKUZVPDSa8AIOE/sH32wTYfhaspKr9A2zvScG91zfI EGC1qF4qHAoxnJBPWfHhuzqH2ELk4=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=hbcwQf/Mg+hXbDyGiBN828o/d7O4WzqVD3r4Zym8u02Flc53mO0N3ElghteOiIw4YG2Sa/ WbfxPpbWAVsdtYprjevGNOvl1hpF4d+xqX7h+GVxaEwEN65GFK3trxJF2BaHQ8F4hc5a6Fmf Is8OV3B+2ZW7iegJdH2CVlvusajys=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=0; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_struct_i_invalid: description: AMS i= invalid value message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=gzFG4vgfOas2UvRlmaw3UKLF+bfZLP2RoFnIysRRMQHFDz62uhEUoM/U8MAm4N8DLl3Bw9 3TcPxmd6zV5sbciSc7zXuMxIAmj3/vyfv4vlTDNZ4n/pHXGfxNhXkDndJcoh+2U2Ia14ARkP /v2n677wgmOPcbzq27YL5+DJFEG4o=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=eXN9vsCoo/HcGaJ4yAdXfbaW3zKsIFETZAJcHuD7xRi8BttnxkZTCiFn7zp+AOUIuga+/Q w1mGFP5tDK2U+mcKoEXvXIxGBS4CSKueUHDxTyCxdWas4LFYkGd4fKM7XK604RqByh+301RA eNU/3uCcRitftaLemX/R089S2HETU=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=a; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_struct_dup: description: Duplicate AMS i=1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_struct_missing: description: Missing AMS i=1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Arc Message Signature Format tests: ams_format_sc_wsp: spec: 12/16 description: ams format tag whitespace around semicolon ignored message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=OeNJ7p2NdW3mKv4hyenx+QbRuqqq8iwGAyY1WVX/EJiPHS2vNB5lEI/YmVB3diTkKPHWe8 ZOq18DTVtOVuahLqM7s/4K/gvx3zal0vcedPL/mtRW4A1Ct0/wyLuFADX2HZ815cELx81SuX 3fEbbym1br+0JArsz6n8798lidnWY=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=NOLE9bNh30qiTx35h5yKbHlDPahxvhXUWjv8Yiy5L7Ks3NNznK54dmUPZ4D/80tkRYiil0 8sCqFTh7OH5ZTXXEfArxBMQQl3DAqTjOJQ1c3jPYwaDliWqCLLueSsH+ovaFGRGNPm2O41o0 J8xUmyji1bXXLKMinB+Adv9ALXsw8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ= ; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_format_eq_wsp: spec: 12/16 description: ams format tag whitespace around equals ignored message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=CcoQW04QZ7n7OTPACcP26R0vJtjEwVmcFpj4+PJnvT1kVeOMfcqwt7FEGlCjeJ0QIYMeNW TY6kND0fe0WJDVnWvhCyeOb5JjwllbJJ/ThP74I5UPgQ0Cwp1h/O9HIrUJkrje6HQ3nD6Dok la2keL/t4R7YtMyAmn9sPWuAOwSrE=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=KLZ8Io9rZzsWt0Q/Mrx8sYO7HPLptFwGoCdabHuyrQsek+1c5yo5tOQidcTc8ksw5PoAZH PNOIoyGVte9jMk0LdA1IYjjvvUmEANMZCJf0wm66exDWJ30xMrgbosLN2XvsRk3BDkoCg2AY HkR11isMdIhrefd7AHw9YEDTnohQw=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c = relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_format_tags_trail_sc: spec: 12/16 description: ams trailing semi colon no effect message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=Q3iCsG7zmlydzz8zFIm4X+Nyr2636znsyGh+lRhCFtcWbw3m3v8fFrtK3uNvqSM+WW3Cmf TbteHFaG9YL34KUMi/ThuPoG8sOwJ18BPjXrdBS5EiXYBBFalkVRV0ktqyiNi57LBVS+VGWV FwOD85C/V/Fju2wETdy0ly1VjfLBg=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=H+XsRP2HBJwygQonE/YquKr2y1KqjjlhBQ/hEkIGFjjNhOIvMfuuO054H4+kxMmvHFdwk8 a8Uwy1MxQBC3a4b0jAQ77rOn5VFhO1tAmCkfZP1bJSxewRfC2Eo7j/07+r8ZLuyuAzlQIW+n DPJtOhnIIEOGhLgPNlcTwc9R/XKiE=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345; ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_format_tags_unknown: spec: 12/16 description: unknown tags still valid message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=hnT0gH/efgds1eGi2XgAPK5ts+d6QZHc910SN6Xpr1TmDPXpNoRlq8F4eeMTj8VMgLWOza HeMe4quPmcWlZm0vRkiUxK3Q9HJlclElB9ehd+qPKzE92zWdSnkQN3kpyoA9mSAn6eTUmX9d ZFCA8DnXTQSl3T7V4GWwO9byXtHmg=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=jHH5JVvEmO5RMAl5NlbOHuIgc72768gwRv2MjCvgh83McNt2Ogx7yFZTPfcyO9F0jT5EIz bOzMeH+vIBJjJZz1/FVpBUxXJ7Ir5jQ6rjDGCvztrqeSMkhyF2pdiGIQPn6HuA0qDjMY6IfM wGoYUNqNE0+2s5p+DuxXMbT0tZBv4=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345; w=flarp ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_format_inv_tag_key: spec: 12/16 description: ams format invalid tag key message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ= ; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; ==; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_format_tags_dup: spec: 12/16 description: tags are not de duplicated message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_format_tags_key_case: spec: 12/16 description: tag keys are case sensitive message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; H=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_format_tags_val_case: spec: 12/16 description: tag values are case sensitive message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=From:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_format_tags_wsp: spec: 12/16 description: ams tag values whitespace sensitive message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=1 2345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_format_tags_sc: spec: 12/16 description: additional semicolons are invalid message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy;; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Arc Message Signature Fields tests: ams_fields_i_dup1: spec: 12/16 description: duplicate ams i=1 order 1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_i_dup2: spec: 12/16 description: duplicate ams i=1 order 2 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_a_sha1: spec: 12/16 description: a= unknown algorithm message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=wO65QnQIWl6SnCuXSzaqpFWd1Iz5y/VneN5oorqP3XDWkXh6SYZ/CCIgdzBYqDX6zzKXAW /qC29Xl3klg9mg6Epteb3Ie/nmUDCNiGoBF2ZGWW4w3CgYYBJU2nGitvR9ytKZ9VaNJkXqr/ iWEc+fuCSNgwbAXMe4WeyT1LjU0QU=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha1; b=JxQvoennMmz4+A7Strpsa5XUkbwuHHwNZW30eUytxb+M28y/01pkSXPKpsbLuZItfjJw4h AIiLraxKMj+Ene95MTUa1Xqk1fzlKTo+mhfpPOwn4pBmZaJilCx25pRNgSrs4uGX79vVcf51 xiN7GF0ns2hGx7Jg/YTeBsVL9ckd4=; bh=bIxxaeIQvmOBdTAitYfSNFgzPP4=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_a_na: spec: 12/16 description: a= not avaliable message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=xOHf2jEcVrFDvr1gDUYPzfVj90l2aTOJmU3pQXz7FT9tp86svuVyCZqh5laLPdunneTVgg wgejwf9PP8A8wCO+HHjMwZF16ZUE4Yqg4ZMjfzUCmK9fv2iT5qx/k4Hl4F6aBstcNhODcTpg bN/qhpMAtJqP1+Nk+SxDgLEZPqwNU=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: b=iu9yW2jX7187Y2/yKW8Z3a/8lIsaKvek4h5lscx18jk45kfztcCuR6adEtBx3/szzN5bVW iU6qZgimS7l2VjfRhNFEOTzhpxXO20Pd9lJ9O07Jk0CzdYd6PqB+anrPz9+g7+3Bqn+MzhEi j5+z3fy6/xMhdmISrSWwpGbT6Jp98=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_a_empty: spec: 12/16 description: a= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=ErVcYmPHoKhcv4cUMAAlK9Z5tZ2G66c1PD6uaqj09ab7YOmLJ/4SJNH16m51n6oRv6uBtO Qp0ikKw9DAG/ZFm550lnr0xwDxgo7C8b26FC7187QlNoW1/we0SFutFo6XqJGgmQsly1glDi uyECgQHiR2C+S1DHpYqSMGhl/yehg=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=; b=zVPKQ3zrtroGYfUFOyR2TJFk/T+2BorYCDkmE6KSBjbhNFtvx0W+5z+Rnz5gvnQJA7K1Ob CdP9IlCJGU9w5vYfsw0hL2nksu+1b1sgS0FZv5N2AqT07Xc+B4xxjUnddUojOdTp33k5rpES /F6U0YUFq29+Oec8F/+849FdJIFo4=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_a_unknown: spec: 12/16 description: a= unknown algorithm message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=ZIVn4O02gVZZM69shdqjhGG21S6N8/WPCWKj+NQgoDtMuUYmgIaKkWJ8MyzdiCH+09lKlC OeftQqHOztn7eqsqG1+JkY03J0WR1IKcyEJ01mKrKD1FEm5FlCAYfk0zl+S58GDXNC70d7EU Ht3EPiXZ237m5+ZELA9ER1wDP8NDY=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-poptart; b=kHGBG8KmUtKvaOluO64HVWcSrN7/F02NkxyoDqkfZaoF3brrCj8PWNf9njKc03EKNScVgH /77ZoYr06Fsv+cT352CerOJn48/Rg2k/OZFv2j7Cg4b4BOAH0XYfNIw0c3wh3h8P6ML7qk0P zE086JAU7m/JHXCmeWdGMOWxAgtDA=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_b_ignores_wsp: spec: 12/16 description: ams b= ignores whitespace message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=L8GsQ6v/7miEWKMGu16QVCPF6IT8j9+DV/ZHzgm86gi5m2JYAq+BlkmiIDofRPW+QzAq85 2UlxwI2NZrhyAKgtM4FKO7+84P1eYwJKh57DZfCyUpqRx1Je2+vzT8ZggXQWYjFEu36MTDFX fRKVqPV3omyP+CFBzjJFFDLehJaPk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR /UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_b_head_case: spec: 12/16 description: ams b= canonicalization header key case insensitive message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 FROM: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_b_head_unfold: spec: 12/16 description: ams b= canonicalization headers unfolded message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_b_eol_wsp: spec: 12/16 description: ams b= canonicalization eol whitespace stripped message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_b_inl_wsp: spec: 12/16 description: ams b= canonicalization inline whitespace reduced message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_b_col_wsp: spec: 12/16 description: ams b= canonicalization colon whitespace removed message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_b_na: spec: 12/16 description: ams b= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=OzRrkSWsUTrQ14yM/vnwnE3FBgXOC8u2KaiR+kqtJ3fZRudMM3gZm815dG/TaYTIw9Ia22 voygKoSBc/48fUYFcmfKgwHHW/mlqHqP/eLSQ2/tQR/R+eG0ldsqj9nWhMfqRs6eNU32LMOd fpk9IcVRPAx8Uf306RgvfMmwKrwzk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_b_empty: spec: 12/16 description: ams b= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=4Crgst3Y5S/zOuKhpV14MKa5UBleFxBwmEeGMfTBptTZ+Pr9UcLFTmbWBCP2XkD0l4++kz LISbCEDLFFzPBXxi3p1TxUa/i7Ib1/F4oDSIwu4r4dGYoC2aR9ah4f1zjj2JM++V7PuFcn+Q +wETBwEKIM/uP4VabDjLAwhLfuvR4=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_b_base64: spec: 12/16 description: ams b= message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=DMVLxkygsAo8oIVh698NtvdqZ0RspPu/YPQqcSNFWFjjsfcF4hZXE3eGkrze4nTfz5XB6p s/210+6vqYSJIxMVxRJxO8wd7xQn0MyG/1NeNoW9qQdBuajHIPhgjCvJe2jnnvHn3MvaAjXR oh+Jco1pmRfeoLBPqPJmEvDW1/9F8=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=not_base_64; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_b_mod_sig: spec: 12/16 description: ams b= w/ modified value message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=ukwKeUuHm+O5bA374QNtQMipl6EYfgWlGGfgTGznPEaIFiTmV3A5lhOnCEGP8tr1CDYDl4 yo32S/rA3I0Z+GHWpo6pzcnh3+tvCBuwoxHZ5srbrTwOFNQWmPC2Bfwu4fetM8d73/wN8uKm ZziB/Gd1VTLLCRa4xx2C9QM+nYEQU=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=7sRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_b_mod_headers1: spec: 12/16 description: ams b= w/ modified headers 1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_b_mod_headers2: spec: 12/16 description: ams b= w/ modified headers 2 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 (Mod) Hey gang, This is a test message. --J. cv: Fail ams_fields_bh_ignores_wsp: spec: 12/16 description: ams bh= ignores wsp message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=E8x7AZqCzrIuoNF9dWTyteDmtDLHk3J6CSXj1DfRHjk2cd0oeHUIXvtrNtMhYs2sFHoZRR NuVvgDUIwPcbtr2Bz9eYvUTuOToBRn9FZFqnpR/rHl5VbPAIhSwE98WT6PJt8pqNCyKyZU3I szoWq5cB3OWUv6QJ8ctb6rCZLbk3g=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=xWBIUyGnx5WlX005xU8TYkieptAqvslDc7lkuqyFpACyOklw0t4cAONgr6qUavTnRJyZoJ mXXIvvPk/7xgH9eT9lCFYk49vpo+fqZACxJwpRk6WbB3fwbfeZe8C2aL6X/G40ROlh4EVcy2 +NjgNS2X9ZEmxKuGEehFLqaJnx8yM=; bh=K WSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_bh_sim_base: spec: 12/16 description: ams bh= simple canonicalization message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=d6sLFV7dCrZT/WzJil6ZyWcA/W5tJGLkP+yx1Fln+uZdjkswYMjvPkO2V2kvMrh2GBgjee j9QiqfGHsJvGqAKrFVzxHEsgVA0IYN6tI5wTKMLgu09b8BeHUr49/XnBEemjbgO8W9n9SCyX hKjsZK5b5ZIYBqjCSDZUwWRWfJywk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=c+pRG+RBumfEVWDAjHVupy4hZHN2F/AMLHoj6Vha9px35oo6eoyMxxOFUvBgVIUVphuSwV 198baYTV6Of9DHw44VS5rf6MDZNtVc8lwm8ei8aSAgzSnuhnr0jW2j134QTsEL1TK1bWfs+l QGXDBN5AUDsbk4jN5akoDqmH7gNlc=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/simple; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_bh_sim_end_lines: spec: 12/16 description: ams bh= simple canonicalization ignores ending empty lines message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=d6sLFV7dCrZT/WzJil6ZyWcA/W5tJGLkP+yx1Fln+uZdjkswYMjvPkO2V2kvMrh2GBgjee j9QiqfGHsJvGqAKrFVzxHEsgVA0IYN6tI5wTKMLgu09b8BeHUr49/XnBEemjbgO8W9n9SCyX hKjsZK5b5ZIYBqjCSDZUwWRWfJywk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=c+pRG+RBumfEVWDAjHVupy4hZHN2F/AMLHoj6Vha9px35oo6eoyMxxOFUvBgVIUVphuSwV 198baYTV6Of9DHw44VS5rf6MDZNtVc8lwm8ei8aSAgzSnuhnr0jW2j134QTsEL1TK1bWfs+l QGXDBN5AUDsbk4jN5akoDqmH7gNlc=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/simple; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_bh_sim_inl_wsp: spec: 12/16 description: ams bh= simple canonicalization doesnt reduce wsp message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=d6sLFV7dCrZT/WzJil6ZyWcA/W5tJGLkP+yx1Fln+uZdjkswYMjvPkO2V2kvMrh2GBgjee j9QiqfGHsJvGqAKrFVzxHEsgVA0IYN6tI5wTKMLgu09b8BeHUr49/XnBEemjbgO8W9n9SCyX hKjsZK5b5ZIYBqjCSDZUwWRWfJywk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=c+pRG+RBumfEVWDAjHVupy4hZHN2F/AMLHoj6Vha9px35oo6eoyMxxOFUvBgVIUVphuSwV 198baYTV6Of9DHw44VS5rf6MDZNtVc8lwm8ei8aSAgzSnuhnr0jW2j134QTsEL1TK1bWfs+l QGXDBN5AUDsbk4jN5akoDqmH7gNlc=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/simple; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_bh_rel_eol_wsp: spec: 12/16 description: ams bh= relaxed canonicalization deletes trailing whitespace message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_bh_rel_inl_wsp: spec: 12/16 description: ams bh= relaxed canonicalization reduces inline whitespace message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_bh_rel_end_lines: spec: 12/16 description: ams bh= relaxed canonicalization ignores end of body empty lines message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_bh_rel_trail_crlf: spec: 12/16 description: ams bh= relaxed canonicalization adds crlf at end of body if non existant message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_bh_na: spec: 12/16 description: ams bh= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=YoXbDMNRVADrsGTtqAuMLWVnRIj62jQOSDFCX875c5ksVoWcKstnor+cGw/PJnz0cPuFGH +vjw3y+tcgBDDbK1qBVyMUpHrahTLL/0IY2jMzoLgPYz7Yawv/gpn7GlyXL72Vdr58s/nEfk le/2NmfPZjlUezbwsw+UHbuqT5V38=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=m5y+bcsy0duHt1KxJ2EakY2mOpwIrFaHD60tlw1PmqNdy4M7XLGTnA10R7k1OsFAQNQdZM n1aKsKDpYuRX21avSuDxximXFwkcWYevOqUmaklFXiWyJVXd9fHId0sEtNt0L28HInLwHeCf IPYbUuddJ8wRWei04RZjqdybh4f2o=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_bh_empty: spec: 12/16 description: ams bh= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=YoXbDMNRVADrsGTtqAuMLWVnRIj62jQOSDFCX875c5ksVoWcKstnor+cGw/PJnz0cPuFGH +vjw3y+tcgBDDbK1qBVyMUpHrahTLL/0IY2jMzoLgPYz7Yawv/gpn7GlyXL72Vdr58s/nEfk le/2NmfPZjlUezbwsw+UHbuqT5V38=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=m5y+bcsy0duHt1KxJ2EakY2mOpwIrFaHD60tlw1PmqNdy4M7XLGTnA10R7k1OsFAQNQdZM n1aKsKDpYuRX21avSuDxximXFwkcWYevOqUmaklFXiWyJVXd9fHId0sEtNt0L28HInLwHeCf IPYbUuddJ8wRWei04RZjqdybh4f2o=; bh=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_bh_base64: spec: 12/16 description: ams bh= not base64 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=YoXbDMNRVADrsGTtqAuMLWVnRIj62jQOSDFCX875c5ksVoWcKstnor+cGw/PJnz0cPuFGH +vjw3y+tcgBDDbK1qBVyMUpHrahTLL/0IY2jMzoLgPYz7Yawv/gpn7GlyXL72Vdr58s/nEfk le/2NmfPZjlUezbwsw+UHbuqT5V38=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=m5y+bcsy0duHt1KxJ2EakY2mOpwIrFaHD60tlw1PmqNdy4M7XLGTnA10R7k1OsFAQNQdZM n1aKsKDpYuRX21avSuDxximXFwkcWYevOqUmaklFXiWyJVXd9fHId0sEtNt0L28HInLwHeCf IPYbUuddJ8wRWei04RZjqdybh4f2o=; bh=not_base_64; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_bh_mod_sig: spec: 12/16 description: ams bh= modified sig message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=YoXbDMNRVADrsGTtqAuMLWVnRIj62jQOSDFCX875c5ksVoWcKstnor+cGw/PJnz0cPuFGH +vjw3y+tcgBDDbK1qBVyMUpHrahTLL/0IY2jMzoLgPYz7Yawv/gpn7GlyXL72Vdr58s/nEfk le/2NmfPZjlUezbwsw+UHbuqT5V38=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=m5y+bcsy0duHt1KxJ2EakY2mOpwIrFaHD60tlw1PmqNdy4M7XLGTnA10R7k1OsFAQNQdZM n1aKsKDpYuRX21avSuDxximXFwkcWYevOqUmaklFXiWyJVXd9fHId0sEtNt0L28HInLwHeCf IPYbUuddJ8wRWei04RZjqdybh4f2o=; bh=Z3JlbWxpbnM=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_bh_mod_body: spec: 12/16 description: ams bh= modified body message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a modified test message. --J. cv: Fail ams_fields_c_na: spec: 12/16 description: ams c= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=ygcIhWO/8u3FP5h+7kQH7X9Yqxs0MIHuMUA6PapmNf+8CP5Fb/mY/mZ5aUcLxJNozQ2oUU ukkGEysRaqm5uTJMhiy4YjZgJqMRVka3xMGeIaSw1PiugVu015l8wKR1ollDSN7POJaajQBC /4mUnAUFfND8OqfE/VimB6flYiUJ8=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=1+WHHTxU+XLWVsbRsvjlW2kMRRhmGE+OE9jxnmLt4ryEa/AezAflCMmVzM7r1dKwxJA1oc YmkN0ga0CO/nxSvB9XR0dsg/TH7TTSQKIllCRxsmGLt+jG/9Mw5yTRxtBOOuFK4xbHbFbCLU vRCry9p9YZpoAemnEb24tm9vjlrsQ=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_c_empty: spec: 12/16 description: ams c= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=eTLQqvFomQqHaOc36izhl5UMp6wVe8vGsLLuPCraumms100F7tOUhRpAII90YkwX0AK+RT 5ij+3Ngk2sQRpMupfFTgeF1olGU+jt943VkFbmSYXYp0AwBe4TGsLugWmfkUy2sGBSC1Rv7n ZaC9m6Y2bNMJcwix1EAuFFV6ck1Wg=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QdAvD1bnatYxK/JQCvI1uSuKxOYC+oR7wqg/twCt+zAFm8Tvu+fZpO79+TSx+cLAETXKNT 6mgQLaLROfq3sNf8tP0f/4oqzMUb6Ybz2syHL7hkmC6Za5Ii8RDKwMSc8lmvJk6HXUKgsndZ vWsQCfv+jyLmfDfCI8v9WP7xa2UEU=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_c_rr: spec: 12/16 description: ams c= relaxed/relaxed message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_c_rs: spec: 12/16 description: ams c= relaxed/simple message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=d6sLFV7dCrZT/WzJil6ZyWcA/W5tJGLkP+yx1Fln+uZdjkswYMjvPkO2V2kvMrh2GBgjee j9QiqfGHsJvGqAKrFVzxHEsgVA0IYN6tI5wTKMLgu09b8BeHUr49/XnBEemjbgO8W9n9SCyX hKjsZK5b5ZIYBqjCSDZUwWRWfJywk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=c+pRG+RBumfEVWDAjHVupy4hZHN2F/AMLHoj6Vha9px35oo6eoyMxxOFUvBgVIUVphuSwV 198baYTV6Of9DHw44VS5rf6MDZNtVc8lwm8ei8aSAgzSnuhnr0jW2j134QTsEL1TK1bWfs+l QGXDBN5AUDsbk4jN5akoDqmH7gNlc=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/simple; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_c_sr: spec: 12/16 description: ams c= simple/relaxed message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=rhXdX7jNW4wMS/SjYKBYC9eW6q5KnnQ7UGICE45CsYhwEoi38c3nM+91lvM3zhUILxo51X htsrMDLw5TJeZdiCqgXhQZmSEzR+KEdnu2oidezrK/hUzYPlKdO59EQgGIiDAmIRoKZ6+rGV fUCltnyjA07a9KpIpeXRKT3WDCE6A=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=RWHWmB6euT01CXN0PJKCrmmoPPGc+pxxurfyJBjnNzkTizZKD7XwHLqTuNPaRG7PULU6ffq8FQ7IivdffwqXNj4L3ttpKNIjfsndMFvn5lpKZGfvJZfjTmbTJMhF4CCJZZm7l1xy7LbYMaMb12WY47vXOe9RNjW7jQyw8iqctcA=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=simple/relaxed; d=example.org; h=From:To:Date:Subject:MIME-Version:ARC-Authentication-Results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_c_ss: spec: 12/16 description: ams c= simple/simple message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=X9qtjasr0URzC564MZz0bwckcIVnBW9yUZP+xt4rStU7MIuuo266KZ1V/e5tbg/MOCZJ2m 3hvKRsVy1fMeIus2RVBg88zwfjyRMsJBC+zKV8oONpIcxriN8imZcaeWdcfsghbAFBM3viCE MdvebSvInMfz0vZsD1DJBYTjPel8w=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=fv7KIaPfZRTQynzpQ7Gkg3thdZn78iGc5L1hTQoWrY1nSaE3pqQTHsGDW7+FRquewwFoakGLSERxBnC67Sdvw9Exv+/CEs/spqRrDjNygkCf/BIZcURb2nXXFHqPy31X6r2bufWKj6Lbo+5MCyaS2tWkV+KoZhUpolYSo0CoGfk=; bh=hhFbTjokraRYc/Af+8v4zyKm/9ApHGkBSLO129NtPbo=; c=simple/simple; d=example.org; h=From:To:Date:Subject:MIME-Version:ARC-Authentication-Results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_c_invalid: spec: 12/16 description: ams c= invalid message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=YYGtMgeVAGSLLMZ0k9D0yRRzsfKpbHCoqfLAKz+Du2++GE82Dvz2OT60ebG9m6vmT6nT1t D+rMJnTXIZDUPZ6BLH8rLo8jMb33cBV5NzBD3SDYqWA7OOkYrMGRGmoMfxpcGV8m77YykscT +cpxxA2Ytld+YTd0mTtxdOCN3T1M4=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=DJZENNFBf+SwDthFmU1ztUBIsKRAAaUdY9CjuGXejv8T29jf3q3EDUz6OnMevRWiSLj4ED gymMDJNGSTUaz3N85KmzWrTJ7QOLNke1H9L9kkfEFowatF8fW5cV/7Y6Ubzh0e1626TELeE+ kvczpXT7prdjJZZjQAbDuHsWXkOys=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=pancake/waffle; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_d_na: spec: 12/16 description: ams d= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=xPtYeQQruf8zzJ9kUrMESmH9ooORAIArDB3MhPcaL+0fgmuc99fprb+aMaSqY6OdZvAEoO EBczyfdtlGKcqLqa5qpXYlukRfG3q8mlOd+8UU1u1bikCzfT/JI8PNerzaoxlksJfmt8zJT0 f40IWBJnoRpPNqJSBFb8acvLVZFcQ=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=iDLI16Dzhtt9CmHLpkUXy7d5legcVvxkPMStdfrYQfNfpwVia165ca2lGI7Sx79pCoMmy3 sSWBrLHsTQkKylsGswc0br0ycquKhxHgQh0WChxQd6ITVGQvFO/wZJd2jtE5E/KDbPKDjEio qLfCWpVe2KT1UZ89V+E9tg0T5TgwY=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_d_empty: spec: 12/16 description: ams d= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=Nn38++8Vf80guievTz8fSFN9VjbPdeRVR5LmvzRt0IMRzZ75FThtzO1VM0grGeUj+D39ri 0ZwIgNyVtZXfG17FEO5BGQq4ZddLQoWHLKTeOWXL59FPhGRJkxiKNefS2c5YqZQ0NI8VkKY0 HQlX6AeD/CHHE/bpcg7fFB5/WWnLE=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=yKCB5xEcyzGr2+mbXWsVDHDZB1PYe9MqqTWySS7Y32uFObEA/MNJmt5yPnZLScwQUhzeTc WL701aDMyPmlYlGnqxl2/QkvEw5hZNfOmD5gltxTlIabWyRrC1Qq/1RS2zDqvF2Qf8SJL1U7 gL6jf82iBTT61ckhPraYGIdgI9hlo=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_d_invalid: spec: 12/16 description: ams d= not valid domain name message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=G8wYXXsNzfrmW5ob/HLkPkg0hz37d0O01HmLr8E8IQUPAa4lywxmOekn0bmKfOvK5p77Dz JEue+awK3gHG7/obHdRLamg8cYxmj4qfR6Ay0baikigUF4Wyt77JsVUqCC1qedRNcRN3IGPx 7rrNSyzVlIWYPal3pQZc3E1ClpG2I=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=rllEQ7rbed0w+ixVEkL/jiUZrjyDdTQ1d+qnNGEvpzzjh2xFla14BKDcXo7q/aX25lxl0e yzw6yf5PFJC6JWqj5h3sFtLO6hS+E0DXyPZx0ok9tNiv7QV4YqY9fWeA64OZD183DKISDZnD mx/r0Svb5thGZvzvyfuAQapHke/Rk=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example...; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_h_empty: spec: 12/16 description: ams h= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=V/iPFUptKaruDTBpwKcf5i6nu54GxrG3ss2bfPqqT3I5MGMyRmtE+J0kOVtU9qtHIhXUng Iezv5+gCOIf2jP1eYGvhN2Wmkf2zsShG6+Rfpnp9fih71C1f6fh6Qp4tTUhB6ww4ZOTKtVdv H0C2s/5in4RLMxS0FUWge8CvlTnGs=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=ex6hirqdOz1yO1SZE3ALisw3dj1La5L4qHcv8/ttCs1qGajzw0zEtUyMnskTPQnt9cxxF3 T74KRXlPVN/4Aqn+K/Q4NHtOW9vyuLt9ek9Vm6/xvZ10KTMrxv24u0eLnsigC6NfablL4wAM epZDlyjf/HPBd0yVLQL8yFDtQ5fE0=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_h_cws1: spec: 12/16 description: ams h= colon folding whitspace ignored message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=0+WA3Dpt9Y1lJ5wkoOZsh6KXEQFv0YE+ykvXAdS5t1toEui1UWzLyKWxSD/H/Xc6eCaQZM ji4IxybZ4OrIdV0yRe1fGqYN/bJ3KnkuzrHpaikXRWxXdX8tiIu5+I+HmERxuGzGqHdNv2zj 5L8PNAsGs4LDg3xQXEe3FQAvis9OA=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=Lq5Sy1R3C0RaTxKWfggKBJ2MOdgAHeFy1nELK1c+CFnxdvSL+OxuvSxk8HYv7YMJDTR4Na 1D5GaFedB1uYVQsz1T5e3p9B+54W4bObByD14WvTGKV3ys8FlOf4MdRIlD4o6N3INfHrNbYX zwPKjkoYbteAEQ/kTpjESOpm131io=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from : to : date : subject : mime-version : arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_h_cws2: spec: 12/16 description: ams h= colon folding whitspace ignored message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=0+WA3Dpt9Y1lJ5wkoOZsh6KXEQFv0YE+ykvXAdS5t1toEui1UWzLyKWxSD/H/Xc6eCaQZM ji4IxybZ4OrIdV0yRe1fGqYN/bJ3KnkuzrHpaikXRWxXdX8tiIu5+I+HmERxuGzGqHdNv2zj 5L8PNAsGs4LDg3xQXEe3FQAvis9OA=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=Lq5Sy1R3C0RaTxKWfggKBJ2MOdgAHeFy1nELK1c+CFnxdvSL+OxuvSxk8HYv7YMJDTR4Na 1D5GaFedB1uYVQsz1T5e3p9B+54W4bObByD14WvTGKV3ys8FlOf4MdRIlD4o6N3INfHrNbYX zwPKjkoYbteAEQ/kTpjESOpm131io=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from : to : date : subject : mime-version : arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_h_case: spec: 12/16 description: ams h= case insensitive message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=me1uYrnpt5Cdjkfj+bqK8X6abs8TET4r5Wp6e6ZuZ2FAtSzfx8WdnHCnBLUj7t/PR+EGne h4auyljzkm2gz09I0MbaYkd+xDmkRoN2WrFotceq+iROoDLf2NgZJb3SfDcVFp8emRMyyaGL WAtshPjJWnjoNfm+3clEpXzPw4WM4=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=OCzwOGeJy6YL07Rh1A970C9pAK2YJeXr0rDVVbsd/aOxTeKbrIxOfQsJ5hYaze0aeE5U0p y/45cz4Jg07Ch61xZ0G3R3ne4eXxPauAU6QKPwr45HxO2gDywmNruiJP0JPTzcC9SVV/YjyL OGobZNIwUWR1hEkd5/UuAXHk23Q4g=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=From:To:Date:Subject:Mime-version:Arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_h_dup1: spec: 12/16 description: ams h= with duplicated header correct order(bottom up) message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=tv8fgth8OQw5DylJlW253wBM12VcMvjFLj+TwonVXPiSPJ1hV7F24q0rgmYeVhSBK/+4Ou kPW3e9oqILXx95sXrE4fiiz46//FtZK7z0YVzy/B3QpR7fGxzzA5uVoUh4WNd0oQEejwDKss ILrzkyu6fDUZ1kLeKyk3clE7b/NJo=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=rGZpmx8nA8Fe0yQ319Ns+DPmwx9ToC7Z5Ba5NNGYtmXF87xboR0Cy7yxlJ2ek6j8WqCRXI jKV32tgZBXu5upoveTLBGzSe+NPTL2SkU2nFnktJjjPwTiPAYyXVBY1Uy7uSv9dT+wfB4Hvg Hm/nSrzqTBOxPsND1F1b2rzE1elQo=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: morty@dmarc.org To: evil_morty@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_h_non_existant: spec: 12/16 description: ams h= signing non-existant header field message: | Return-Path: ARC-Seal: a=rsa-sha256; b=cEfCkdG3zAUpq2XMYEvcI8e+nD53NUuUr/NQ74UBTzSVJBOsNQKADtUWqYirSlB9AFeEIq VGstwfXqh5TiMv1Uk9O04vM7WxrmMsqZI+GiRQvtaanfZQMcaYME1pCURdkDbMK/MOUGV+W2 j9anSPB91SOQruKUDtqgwq8z87Ajc=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QHma3KzZiiP6Yq5jWp+mLznldNAMpK9ffvI87mbvEFFd1YSfoJu9JrxtBgv3/MEBFHLPm9 qTii8g+94xOLgp/LEC/dM2E/u7yPAKKMz5fMzJfwqSGAGyBg2f12Mkyaqs3dzv97nZTZFkj8 mHCV6SHNfnC+lkIs5XpJNRtddvolQ=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_h_mis_hdr: spec: 12/16 description: ams h= blank sig-header message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=FCq5UA4xGNozfvMgZkQ0Wpu4Q0dkGbrNvMKc0SNQnbObHCA84DNwUUp+I41h5ZvwQBAGxf hvUfjmsMFHBtsYj/aQ5kkehVPkOZ/6hengnO0IJs78Ab/5eivdD7MRLuShcTWd9qx32dVFJD yx8qIaRZplvJYl30ry7sOJQu4qSZk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=4TbROXpBlHvYUMMvecTyaEqk0DtgISmfrz9L7QEizbAaI6vgDPu1xD8LSj4CfHpak6GMde zpqtfiITgVTBKbkZi2kuFQwmu5xWsReExZEiNq7Tr6L5iObGjL0A27RIBj4znEmO6mk2Umnl +c6LR5XzyE65FGLZ+9nSH2U12klzI=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to::date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_h_non_existant_dup: spec: 12/16 description: ams h= duplicated non-existant header field message: | Return-Path: ARC-Seal: a=rsa-sha256; b=akTog4W3hR16mF9pNZIhHzcceyST1LHWaIsDPobRX6iy5jBRbpb+lyKlcyZmS02T2kFYG9 iOWQ6UZruiQXQu/u/GSkn0RSCwHWTfb25YqrQBLwH7pki4bDGHrTSrGbuYnFEHadYl2B8Gxo UXYn2/XBBil6Dkku2SswdN6RZhhoM=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=CvqFe5bB3kFEFvITOTVx7VcrJQBT5aAtUJjX0h1L1Gh0MtUQofgKfOakgKr5kUIxv2foZY KJzwNSuUNnDyY87HJeT02j4JlpYnj0+PzB8xjW2Kj4/4TrLMkcJsfC2wujZClzXW65uCsFEb 0ht8EEQis3581f6/S2V+2pHxvqRiM=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results:mime-version; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_h_includes_ams: spec: 12/16 description: ams fields h includes AMS1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=XSOc6bESO7Ek4iCPyVXVE7aR8HUBBOXdOKmFpJO/3DI8rLRHHfRT9XAML3OsBE2RYj+0yd ypsBg8UQEewpY6Z5KEUhxfzwaBGObKr1pgwjkYiOBpPTV1Xfv1lGT+1qlJtBR2AGJauCEs7G fNzwa3MI+iO9E8g6aO/m9Mk1BlLHY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=vpypMlcZNGmeVETFS/+v/Uk9npQE1LhY8tha0XTaeeNMgK1fzWaxvUHY0cuumuzK2pU25O uWTt08QEXczUR/BLmiZaYUWQV8qGOAv5umtEshqjB+0KPg5W09N20vQp8OXMQrenjZz0YPsy VweEidqd3HAcWSbZgW3jAFKXHGSXc=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:arc-message-signature:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass comment: | Its unclear whether this should be supported or not. Right now it isnt forbidden by the spec, so we will leave this as is. ams_fields_h_na: spec: 12/16 description: ams h= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=O9vrOnKLOdZXxa46F8RDPTzqW14JYE7idGn0AfedcpWh58mPFE9jXHeaMda5L59thiQrJN T7Smno713R6DU9CfvnOvq8rQXCJ6D7GzWFhhOn6wEbjTaFQQ3jHn67XVDVnb4yjLElVhixob pG5ouN8U1TPqPWf+41wrIrCd5Mocw=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=RidA92CmsCgK81At2aPnlGuFlbvNT5IdWz7Z/6j765oabi0LEDkpB+2q+C5TJfc28Gj0Ok gghf2ykPbb7WniSvCue66fvUYaABU5m84urSzGd3MG3F47vTzCQ5qLah7E0UssP2QbP2b1Rt Hry/RlkOzlWeSlxpCcPvArmmcADTc=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_h_dup2: spec: 12/16 description: ams h= with duplicated header not correct order(bottom up) message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=tv8fgth8OQw5DylJlW253wBM12VcMvjFLj+TwonVXPiSPJ1hV7F24q0rgmYeVhSBK/+4Ou kPW3e9oqILXx95sXrE4fiiz46//FtZK7z0YVzy/B3QpR7fGxzzA5uVoUh4WNd0oQEejwDKss ILrzkyu6fDUZ1kLeKyk3clE7b/NJo=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=rGZpmx8nA8Fe0yQ319Ns+DPmwx9ToC7Z5Ba5NNGYtmXF87xboR0Cy7yxlJ2ek6j8WqCRXI jKV32tgZBXu5upoveTLBGzSe+NPTL2SkU2nFnktJjjPwTiPAYyXVBY1Uy7uSv9dT+wfB4Hvg Hm/nSrzqTBOxPsND1F1b2rzE1elQo=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: evil_morty@dmarc.org To: morty@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_h_order: spec: 12/16 description: ams h= mis ordered message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=vTCiDmh8p+YFqH8WSxCrLVT3IS1Xmt35hs9y2Fb4EriRTTEmD7lWa0UrCe9j/a3yftcMAb 8W01KgTrdIhmUMF7YrElyT1cGc0ChGHmdkuA2MpVBnLJMCgtXEQkWcVRne38KB9P+GLvr5uD nBOjOJNoBt4Nt+Y8zCKG/tN2RetKk=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=2o+Wl1gzbDmg4Hv5q52M7V+E6KBhMISVmqTDrk1HfOgMJwJ+0v8Nl18EjbL+iOTu6Vxz9+ 1m64cPsNr1Tgm79jjqugOKDI/yaU7h4DaFMmN54tGX8j1ElMXSl8ghcfaknApLU060vKVUoo F2GfD1qo+SSox3wkZNkPQdGKjNmQM=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_h_empty_added: spec: 12/16 description: ams h= signing non-existant header field is then added(MIME-Version) message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=cEfCkdG3zAUpq2XMYEvcI8e+nD53NUuUr/NQ74UBTzSVJBOsNQKADtUWqYirSlB9AFeEIq VGstwfXqh5TiMv1Uk9O04vM7WxrmMsqZI+GiRQvtaanfZQMcaYME1pCURdkDbMK/MOUGV+W2 j9anSPB91SOQruKUDtqgwq8z87Ajc=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QHma3KzZiiP6Yq5jWp+mLznldNAMpK9ffvI87mbvEFFd1YSfoJu9JrxtBgv3/MEBFHLPm9 qTii8g+94xOLgp/LEC/dM2E/u7yPAKKMz5fMzJfwqSGAGyBg2f12Mkyaqs3dzv97nZTZFkj8 mHCV6SHNfnC+lkIs5XpJNRtddvolQ=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_h_includes_as: spec: 12/16 description: ams fields h includes AS(1) message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=OuFcuRk6CdaxxeBmCdvzoFxM6G0xmA3XNh1F243uPQsstHJ+T0csqD6PADig/UPV/Aj6fQ kAOsyZOzIK1X9ZCZLB2idFymnyWtYc2spNgCiSfwQiQuS3SFVUtr+Y7v58PtyAy2HCb2pA5I OIY1WjbK1Pd4SrJbZ4/M0d0wgFt7g=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=T5uPa/aCBkG1PK5dsSgO5US5yVvKnf/DAsyxMDCLVgw3auULB52XaLkZbc5KAcbGwz4KQZ H8TTB1qbdHGyUpA/1Tq4QveM4z1x/s/2gK/thnoW0wWEHu5frgmd3tVg8kEjrmU6HOJ1SNYq Qgjxvsd/OwpjYsfOjODwgyGDR/doE=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:arc-seal:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_s_na: spec: 12/16 description: ams s= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=zlVnN6R6lixbru5oAlqBAalgQAcbqVJi0fZe8u57TJTTLHNl+LRLeQRsLQ4OcZ2n5XLTSZ ZAEsfzFQWeFruAnDpA7yT7/YTUYvQM7KdVzx4vl4FSTllt1wb0UJ0SNjlNGiudA94D43LOsx CsESqhYaVWRz4gLkD2P6FfqZLGCZg=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=1yhACoFkMMv54Xwy9PCxFazQ8BtUb99MhAUEk4Xwq7gVqDoyND9X+pa8CGMYSNUOn2I4tx 4PyDzLhPNf+a4AciBNvFhHwK4lljIQAS514NuaNfv3PR0KDkkoXYv8J1EkI9yAyvOzl5Ka2B 2yNTkGi6GucEwUlu2Qrk0RYhOYOVM=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_s_empty: spec: 12/16 description: ams s= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=iUyd0NGqGiWwg11FiLSmb+053tfp1baKV04kpufd+RESTCeMHlAHj/N2ZyLCHnCZSfgDTb hJy5KSpxO1nsSOlG/FsI6zwfEWCEP91aNjzEQxrX9iCg/zihZ9uv3wgmSOasjjt2kVGCcJUM iLpzGuccZW6C0S8QyOA8ClL0cHnrs=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=DMnmzfNSgbRhHJmeSr5Ahc9FzG0ZFQxd7FVPrmmbpB78dtA4tjLUywkekiqhABliJzs0ut zzkNYHyP0hlxGTaYOQ6OgV+1loymJCJDin9FhPV62CGOBXznuaRxFI+aWKHjW6SFFrZplQHG UQcAeHg8Dd8tdKV4dgUnuW+aphtiQ=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_t_na: spec: 12/16 description: ams t= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=rx+UjBcicBZ6s5/J7S5oMw3YVWAWg+q4Sb4XqR0tMmhOyhjLq7702sEFlEDHJjdTuTVMg+ c2qwv/XucEGW8/i4AMzNgkzpwk1Icsr0GHGbR7Jm8V+k6Z08tvQ4x1UaYgrTKmSQeyKq8rQQ rRdzsqqX73OFp/cKLa42T3JVTrQpc=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=iRbmo9I0Qn8ZELD2xJ754eoEATUfoRxli5qMUi3AQTwGLHU6oaLFsAP7JDYjRm6al3XGp8 73NpnbncM6dnqlBvKK5OmekgztBKiyo7w0Uj6NZbq2KJXYiVW2vAbVkNwy4vPNhMHVTbD/xB PWROiovFOL0q2mHDT1KKLiSzEfrWA=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass ams_fields_t_empty: spec: 12/16 description: ams t= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=J1fBm2GXu8CCXApvRsyBIITcTcJ4MdgwPIUK2e+vU57BId7RYv2i7/ORWrImxasfuFD17v oU0TUpKqBmD/o6ZdLcgxg72iaYN7CoN9uK9Vr1llrVHuhJa4WUW0XG+a3XqKB2PXJh0LckJu 215qpJ4wqx+/6aGVuxQp5LXwktEDM=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=GO1zQzqzWlsUbs6Rag7bYFPB2LgxCLkex8PRM+4/IbysgHm1TVtsPCVAAYp8+MK8UDyuuR s3wgba6Zgh08O4F3MGn5ouJmplCkS/mF1MTAuWF1BiBkzYTdNmwhESK3GBTDNgTzBwa0upsw aYiT87hDd1aqIKekvR3ZyEtZAN0Bc=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t= ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_fields_t_invalid: spec: 12/16 description: ams t= invalid message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=g1Xr4aSSeSDH0CUBae/NLjI30AgmGDwAdG5BC2c/OuTKGROcimWkt3ikql9YlvBv/3O8AQ fe1XJqEq8EwFpKgk2YvMiWV4YKWPGb4DVNn/N2nk79o2KH/DlXNU4fLGvae9leiu1E+KJERC /sYt7EA0rffMCWMjfHivWEx1swomo=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=B9XbvvEBkWcBoOY6hBRGeJLsADsuzM0ZRvpeBWgF/nx8itykfMZmdeVPzVY5SI7MRCi8jp +RtfP938tY75D6wfNd4+mrDkHyEQFAiE+UlYWjZOGx69go2UQyN5+wocPHHps4n9j279es08 zmmxQXWG8wuoq53Y1CfrwNyniO824=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=icecream ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Arc Seal Set Structure tests: as_struct_i_na: description: AS i= NA message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=2ScmNq/nw+PcTFaRUZr6ynujs8zh0C1dJiZhO7XwXZ1Wgqjgql0NJzCEPlZ8JLT1EF9vx0 iCa9BPPYBmopN0d2UcZVRS3rkrioxlCXfCA9bFi287v/mZCAYY0vkEJqpb60oAuOTL4CImqd FRzkc52yZZEYC4U/gPyluWJQ6P29M=; cv=none; d=example.org; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail as_struct_i_empty: description: AS i= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=HDF/3ZvQV+3g1pPoOxLwCgVUgalgi68PMmydT4JHPFEq36jEkMwATstQulCu4Qexedp55d 3SX7YupWVg0nkl13bghp7ax+EvGREVTqPCLjawLFp6rLkM24ryiJb4xwF9WtXHWZlZCJUfTl kPUpNHxi52l0u75XeSe69lB4rCWOA=; cv=none; d=example.org; i=; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail as_struct_i_zero: description: AS i= 0 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=ATiDsxkI1nXV+hpjshT3uFaKndUOSdfMdrGgmZvHEDmTWR2oWB6bNbG6K83D/C/JKKDs1G 4XLhmWn+5wGAMMkFCdxkuqIxjco4UHJkBj+6KwlvJv5/1yxAyZXdBR+aF9eKrz9YXyrNgMsi CADCxXR/5RV8W6sB+Wxrgr1CPkitU=; cv=none; d=example.org; i=0; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail as_struct_i_invalid: description: AS i= invalid value message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=EcQ16Bmi1GglUN2XnzTmixnR74rMt6K2VhtnHiH3o5+nLA7IPD/e9EbMjnhWK+IKw6WTdY MrNju5/13Hy9aUnUNDKRZrFbZx8bQzHk232QjFs1KLaUOwFUarbBEdHGmLRxLvSGzzYDXxFR ISrT+Q+55ZN0f5zjJbkeNNr6TraBU=; cv=none; d=example.org; i=blorp; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail as_struct_dup: description: Duplicate AS for i=1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail as_struct_missing: description: Missing AS for i=1 message: | MIME-Version: 1.0 Return-Path: ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Arc Seal Format tests: as_format_sc_wsp: spec: 12/16 description: as format tag whitespace around semicolon ignored message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=sQHCWC9A8lAbvcPG+3jfih4lRJY/A0OI/GBGE4AYHf8u9cgsxOvyCqDWF3mr91HE5PhNh4 RZW95NC6qhxEhnXLaXswqco2JXMVR6/rM5Q49bDE2RtlNen7wubw56NoJD2A7IGUSOzHaAiJ QhRTSoyG5OwNBC8+GlugUJi5mmZNU=; cv=none; d=example.org; i=1 ; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_format_eq_wsp: spec: 12/16 description: as format tag whitespace around equals ignored message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=u4XUza5aJKdMCwCMffAieua1x4N9tZpKlx7UwMcdgV+BuIZc48C3rF8xu6BnoRQCaulZmW 4EYspmshC6cGg+kmYaWR/sbW712Ag8W33enEcoh35XLTg9QHg7zWvftk746RrVFb5Ch8iRsU PJ0gkAieomzXwlqCIBZQD5Yz2LB38=; cv=none; d=example.org; i = 1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_format_tags_trail_sc: spec: 12/16 description: as trailing ; no effect message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=AcBD4PAxYztV5R8jYyYXKuMBWBRja89F6yBTQVtQ1FFUxQVYGOrFlnh3/r8/YtFt13NELg FpYeY3gnzudk30PoZZvM2MG9h07ByTgl0lSEsRLhN+ZtqoHRq1QGdW8oqOXntI51FbKwBdoe cHtLh18GzKAvazRWzv8//vQInYp/Y=; cv=none; d=example.org; i=1; s=dummy; t=12345; ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_format_tags_unknown: spec: 12/16 description: as unknown tags no effect message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=FriX6cOxgBHhZwNYHn0KXSWVqwHPNV6sRAKUy9iN1OqwvAK9USwMsg/P08yXrUH8LRaijm msJjp0KUFYiffoQrhsxHwv1hJIGceJZB7lOFeZn7Z5aym4eBp7q7idwNyIaGKL7E0WzVkeAT RQ5LhtOInN23gugfmW6z8MUUvow5Y=; cv=none; d=example.org; i=1; s=dummy; t=12345; w=catparty ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_format_inv_tag_key: spec: 12/16 description: as format invalid tag key message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=f0DaIeWMnbbdvwQoBVCi3pw8hmSBdK4xfQvJH2BM0qG22MkQwBAsDkD/dnAML6bvVeMFjq aaLsCccFC3IZGvOzTsxbJTmbV0gHdPdYcsfhctXtrHfc/KdG1sgnqp+oGjrkveFTYUBO6UdX ncJFPHoSnLp6foW3V6zUO9mcuDmeM=; cv=none; d=example.org; i=1; s=dummy; _=; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_format_tags_dup: spec: 12/16 description: as dup tag error message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=IO43AZIKhbGLyWUCD6LAC3GeO+S9ET5T2SFkq/QCjOT5aChUgUziIlm2REH9SDMP6EfWwL ex6l4ndFMruyh+ReaORg3wOaXyf9nM21VO/9GyWpNkfMnVIzxspuNhkPsEJz8QglmQdp1Yww OItIuEZpAwkFDMzWFuenMY0RnncmE=; cv=none; d=example.org; i=1; s=dummy; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_format_tags_key_case: spec: 12/16 description: as tag key case message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=3RAGO9q/6XejhXohu4h3a1at+M3SQzh3NvUB6/9n2fWdnCAF/Y8fvEgul01qPYOVm75+sV DzX8LwZ9M8xvbpW02HPpiwJdSfMaSHfLFl7Eyz/X+iV/JhOovv9YoDfpkToqbisARZ6Zo4p+ Ctok9hM0WxtmOjXqyOfFXfpMZRqI8=; cv=none; d=example.org; i=1; S=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_format_tags_val_case: spec: 12/16 description: as tag value case message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=Example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_format_tags_wsp: spec: 12/16 description: as whitespace sensitive message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=C7Te2RjPpFj3iKc4sPOTP80VHV2B/IeAl3AmyBOETgmdWrOe+q2lQ631QpI2ur/d5i9C6x gJvRBbqlGya23VwHyaJPrP6IfWnXokjrcvdnyWX9kvhPCVTMrco+1ouNkKrn/5Rf8OTAYCzZ daX8nbXMUANlFgBEQ+tvhb4PEMANc=; cv=none; d=example.org; i=1; s=dummy; t=12 345 ARC-Message-Signature: a=rsa-sha256; b=Wy3KTYHj5wd/cRfKjr5Or0eOK0YXjU4HH27PRGwY8prB01CRav1Zh4Q+tOZRrTLbYDrPUH QKwwxuKQ3IuS5+R9ugvuONhvNHLncIDvvjmK0dQV/9c+/ewkHBU9jZRfDxNMcot+eKUpZduO xzUR/tDACt1ZkT1SOwRDAxaMs6+js=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_format_tags_sc: spec: 12/16 description: as random semi colon error message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=qfPkkUJh95JfdvuR67QiOVg0n+krrwlShqIFXu03EvgP+1wJHVJy6M497OPlK1QC3FGXBL k2Af5aTM9pyRO4bDX7N21jvGLoF2soMk9r6Er78OFalImdz7rRdFu33PR3dMCFe2cjGkPmAO 94UKj789r5lfy2+QQwQskXQX/r3pw=; cv=none; d=example.org; i=1; s=dummy;; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Arc Seal Fields tests: as_fields_i_dup: spec: 12/16 description: duplicate as message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_i_dup2: spec: 12/16 description: duplicate AS i=2 message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=IAqZJ5HwfNxxsrn9R4ayQgiu9RibPKEUVevbt7XFTkSh1baJ533D2Z6IZ2NaBreUhDBb2e K9Gtcv+eyUhWkD8VTmE6fq/F8CDIK3ScIiJykF8hNL1wpa/mGwWWwBnkozIJGAbTAAX7AgnH knAehnSW99TeU0lmib0XmOt4TN3sY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Seal: a=rsa-sha256; b=IAqZJ5HwfNxxsrn9R4ayQgiu9RibPKEUVevbt7XFTkSh1baJ533D2Z6IZ2NaBreUhDBb2e K9Gtcv+eyUhWkD8VTmE6fq/F8CDIK3ScIiJykF8hNL1wpa/mGwWWwBnkozIJGAbTAAX7AgnH knAehnSW99TeU0lmib0XmOt4TN3sY=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=2cDGNznUmp4YSSThCe9nrQIH2Gpd5qPFw3OU8sWFzZgEQ5UZtaVQifVUXUrsSyEzjro3Ul YPPDx+C1K+LbKRlOZ06il4ws2zlPafsrx1piKsKSCUq0KjFs01hYCDBa3tfdyITSfoWu2HHY pCjrhPMPH1jruIdBV/5Gk2Fvy+mW8=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail as_fields_i_missing: spec: 12/16 description: as fields i= missing message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=uQtcSwvWdWWtq6seWx/+hrglo0DIevtxBse073F81rkPD9R2U9I11RE+rTyP1f49VmtxOX dQQY3hMLr+174d1LdaOrO7w98KKt/sAHkuVGaeUrNCsaPWSVyECdoQwEIh140FzHkW+6DGcC KYTb3l2Kb0/AH9RdhJ1kOft2hrOeY=; cv=none; d=example.org; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_a_sha1: spec: 12/16 description: as a= is sha1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha1; b=4aSdpG91pnuWdSUXPchtTfnFSWkenWJh1zIKLwT2EVkCNJ+/5clRA5sFonDxmdOrcEgzrh jiJuxnZVYXdIkvW9rMe5BOG5walucWYuNkuO7ph0kRX8DRITxwiZYhFgk8OkCITDYNF6h5vr rMF5vOKCaWnpiGTUlPqBOgakyN9F0=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_a_na: spec: 12/16 description: as a= not avaliable message: | MIME-Version: 1.0 Return-Path: ARC-Seal: b=gwz9qNZBYlrJY6xGdb0IUhGEwAlOmJsjSfyp8FmWwlJs9URrrikXoFcJ5dJkYbFAZNfXU4 58XhxWSgJ8x2PMN2lkZ1TkL29SRhgdn5VAjnjHpr4xE/2i1hHcZ23Nj/bhXe0TOJq1n5hoKk Atsos2ADb7r+Nf0AOnNle+/vTnS+4=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_a_empty: spec: 12/16 description: as a= is empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=; b=ZVTTqGNJFz60CcTjJvJ2TBUgObDEGLOzdYTh+abJ+DiXUWfUJWxM5WD/dU3C0vjBu6Qcke 8swPTOsTL3lL1v0ywSQCN+ZuFbEn7fy9AMvXadmDgEuht5qrtSQG9rsuF9m0VePnf6k45HlX 3nICQtx7sQY16JBG4CTrBQWYSpaDU=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_a_unknown: spec: 12/16 description: as a= unknown message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha42; b=cTOOMtw0jXisFRCtFshIVNExbNgtOyrGNUqWObVvJPmMYBNbAfG3y1101xcd4nrfZ2skNr xn12jM1JPwHBu5Ps4qjEeHDvxJK09vbxiOxviu5SDNhVUJS5V3l2VBagMpyuO5BL1OG6wjy/ Xuzt1Iuhk23cJ5S98SqOVik9CCblE=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_b_ignores_wsp: spec: 12/16 description: as b= ignores whitespace message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NV E6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT6 5S0+ vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_b_head_case: spec: 12/16 description: as b= canonicalization ignores header case message: | MIME-Version: 1.0 Return-Path: ARC-SEAL: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_b_head_unfold: spec: 12/16 description: as b= canonicalization headers unfolded message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_b_eol_wsp: spec: 12/16 description: as b= canonicalization strips eol whitespace message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_b_inl_wsp: spec: 12/16 description: as b= canonicalization reduces inline whitespace message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_b_col_wsp: spec: 12/16 description: as b= canonicalization strips whitespace around colon message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_b_head_case: spec: 12/16 description: as b= canonicalization header key case insensitive message: | MIME-Version: 1.0 Return-Path: ARC-SEAL: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass as_fields_b_head_unfold: spec: 12/16 description: as b= canonicalization headers unfolded message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass as_fields_b_eol_wsp: spec: 12/16 description: as b= canonicalization eol whitespace stripped message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass as_fields_b_inl_wsp: spec: 12/16 description: as b= canonicalization inline whitespace reduced message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass as_fields_b_512: spec: 12/16 description: as b= with 512 bit key message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=DCbMvnfI7UzqahO9GFjYXa7DAcon0abOMQ7mWykqtdkEe+rqeQmsy1/pV9oAeSrT9giBqP +cBNepG4Nycj93KQ==; cv=none; d=example.org; i=1; s=512; t=12345 ARC-Message-Signature: a=rsa-sha256; b=BFnboE5xz5OBBIZeB04CaX0QVCRysZesZNKLQLDbq3ohfHL0eIkMWyt/ZkP3+bg7wVEtyb QfqbbfDRTQYC3GBA==; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=512; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_b_1024: spec: 12/16 description: as b= with 1024 bit key message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=JZIhBQD/1SCIn7IUrIoqCDFZ4k2tDd5joLebC7dCEbEXy6HURnayDygFjEiVwoVjF8XZPo tDSWEVj18YLFQ08HZigNNDmhAdtIAeHs5bTfhz3ZDKGISGSrVbUqvS5QaL2dwaY5V3FhH1QC VEohhbx3rJKMBiFCbQoCRo555WNL0=; cv=none; d=example.org; i=1; s=1024; t=12345 ARC-Message-Signature: a=rsa-sha256; b=jCTMZoXkSSVEusJyP9cbvAoKEDLphi95R/yaX9+gWw2t/RduqINzxPSVJZUq8uVCbKdB5F BlBb2m7zbwaq6/oemTqI1tcnRaAt66Z0cyOKfPjRINTm9C8E3hUoI9DzplkwEoqmhR0wOjcJ H6ASJr96Kl5qLu092VFaQYYxkwh2I=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=1024; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_b_2048: spec: 12/16 description: as b= with 2048 bit key message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=R6I8tV4Y0pBQWId+r4W9L3TDi82iVPot9d+ux5u69ET/VUTQUPFAiRfTBqMKAm0dY1HCdU JZggmlvj9BwZMOO9pFi8O1EXqkJ1CpNtFyNn76Get96owYXh7LlcP/C/a5AmxZMmvKblloh5 1rL2cNWicsp8/y3NS8jO0KWpSis2jK2yMn+r9gJ5gM2sUiBsKDwiYAhFBhjD8SFQOaG6DzLa mJzCw9FkuGdpLfQoNDq2lLQq6APq8GihFJai7o/s8M4FItAMoteuqxIfyYuH60oX4qNOsaIT B/6DnRCFshABODpSHRRIH4EvCu2fYYo6YDIU3VvDH2wOO5fQMcgvUoNw==; cv=none; d=example.org; i=1; s=2048; t=12345 ARC-Message-Signature: a=rsa-sha256; b=M0YyrXMDoG5zJ0ZjFzUqFNoDFatu/QxWTjyAH5wPvPRiSqw2Vvd4A1Al8VjYfmgbP4Jd8f TFDZg1kWwLYk2IO/th/P6iYPfyDg5qp6mgao/V8NBW9P/Mqlb+xhkn4R8c44vmen9atIUV3Z 04QzziVeuBxj+NFqxprbxf42Faxv5XymGmW3ZWVhOLEpwfcjy933drLsfZQezhyYlx4klptI v3hKM76++GaIUc1nWXvmkeKKjEQLiUzqxd9Om7SRNArNe/q5xnVIaufxSfZNUtTT/o7Ic1Br t7ZV8qwmj37sYpdZUo6H7QN+dp8E/J0jnbI0ZQU2mv8Gj3FqGOGzKwGQ==; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=2048; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_b_na: spec: 12/16 description: as b= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_b_empty: spec: 12/16 description: as b= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_b_base64: spec: 12/16 description: as b= not base64 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=yo-mama; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_b_mod_sig: spec: 12/16 description: as b= with modified signature message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=kKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_b_aar1: spec: 12/16 description: as b= modified aar1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=yo-mama; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_b_ams1: spec: 12/16 description: as b= modified ams1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=I+Px9EfvrAFqYUnYPrC+egeUwxCg1LdNSIJ6v5sQfwua0Ox37z2S5GdknSdfjYKVDju/3p 49rDu1wy6xLD5byG2qV2IDUCKmNH4QY6yGhb7ADmfrHDdICMYf7UDIBL6nUQsZHPeAUn5HbK e/PCXEu9m+wpAEuDKvZxUNbNMWdQM=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_b_asb1: spec: 12/16 description: as b= modified asb1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy2; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_cv_na: spec: 12/16 description: as cv= not avaliable message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=u92e/TiZvqtkvgZxGLd6EF9fZvoFJ5mqvwEkb3m5lXbgo8/wN+iliOx07lU/rOIsHa9YqL QYUapWkkowhdKKFkixhefUUoeo9n9SIcpV8wywx3szGOhrwyHJIBCWr7nqaEQAS4prJzVZCi 4eEkPPQ5OdzZGMu7j53QCVzdmWsdo=; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_cv_empty: spec: 12/16 description: as cv= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=EhiACA5ymmD9SeCvreg2D+83hTBtus1JsP2KC0CUBOgmdMeiGuCIHiJG5WAWpXhd9RQhRo nxTU8kGfPl2sF2GAOujiie2cenkejRgwYQv+MLeRCT1MALEvrOsytShDl5reRltuX9ULPomS GBagChWg+NI9bZGMxnntr38QPFj5A=; cv=; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_cv_invalid: spec: 12/16 description: as cv= invalid message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=cqTZxmxNU17ZUNfRJp6FvTfpkak6t2MCK65F3ppS018sPBGTyupD5q8GHdozKW5iCIaFhE rZQmKOD2z33Z/h2eiFY101fFxesgDJpMgbeo0zGfgmJcj1v6nDXgq1FrUNPaauBOJV8Nb5vs B0H2qSdtArOeD0mlATMKfESPA5mGw=; cv=:); d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_d_na: spec: 12/16 description: as d= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=YPZ23nGkCxrMd1193xVDIR5/J9Kz0AOanbuHATqRJUDT+KkiB8z6+vk+3qsUiH8/7+YyI/ Qqmd5O66qPq/ntXMaPnUhpQgKTj33KcGtD7j9m59imfosbjwTWrVatHo8okYmeh61ZxI8LGF ivZFDrqRI2YLfIG313PtmdUqZJFcY=; cv=none; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_d_empty: spec: 12/16 description: as d= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=pp0092UMeSYNP/NMoINT5QeuCXJ/LKOw4Sotuzu+XM4RFHL8CbHLWT/stFYpif9tVsVaEu h0SgrYexYI+lvEqslpSdCIgvVanRoSVC2bn58OSVVpZ/8r6/8iIXdN/upGPZRhbJLtSwuRk/ kbKzXfLTY9yy1SMSAqLXAG2MWBQpg=; cv=none; d=; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_d_invalid: spec: 12/16 description: as d= invalid message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=e44ivGolh5WOt+GK0xvrRrWcEQnLTpbmx4VqK+osiYiEceAJl6RdIuaG5Sdvl8JLbUcHJf 7Z1nOuA71nrpTSGEh4kE5bgR/XAtxElq4czlU2B21nDUI5iO5IJTZx5uxYuhVh500OfFxKvP vk/65F1L8kU45uMhTjih304WuYZ7w=; cv=none; d=***; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_s_na: spec: 12/16 description: as s= not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=P6fYgm79ZAak3Jov/xVCFA565vivmIK1TRc3a5bXLaK0ITMGov8fPDfBSlkicrEA7+klCS U+N4M70a873UxJAhtbW8aTgFfGA71WeXTJtsUO9k221Xg3TosedH0Pv7Hw6H5+xwfREaHwzW 609JaRP4xYSgiRQwbV53oJLXsUBA4=; cv=none; d=example.org; i=1; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_s_empty: spec: 12/16 description: as s= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=s5XP6OVPaP6aRAUllKkgklTcVFSRt0BuJ/KsHSBkzUlu8tlc8xHNLLQh8kSj93G91Nzrht 2TSNCGbDv2n+fTkUBvUw0Gv+rS+w/cGv3487x/0D3kKMY/AsnmbmKYy7demRQZueTjZg4oBd ictli/7xMAt6WUmqpssBKMK5wsfp0=; cv=none; d=example.org; i=1; s=; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_t_na: spec: 12/16 description: as t= na message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=JBVkqSG5Cg5D7lzXzyoLhk5/SMvhUeqxndqDKDjLQSici34r5d+fQIkUosiU17/jueiGc9 UpZl2Gv6wPs7TkgwxfK7GG/1d4P+/cYE6efo8xuPSZGxoSQEZhKTjXL9Apup8Up3e/J2xBjs veRG7RbXqMc/vL/tmGxsJ9aSjSIKI=; cv=none; d=example.org; i=1; s=dummy ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Pass as_fields_t_empty: spec: 12/16 description: as t= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=s8yFqRcEb3EBxbl8zc3/Q7Yni59wWhj7+NDrxRaVvVJ2f/e4FKJTIcz+0i9z+VhmX41Zu5 Rh2CQwD6bnkOvtHIuHoxI4LxOhs/lvhkcBieiqGR4ZeZlOy8n6mmnbuHIi151pNXK79ZxRdr 2axc4DYl57RmQKI+jVPwiMygli/f0=; cv=none; d=example.org; i=1; s=dummy; t= ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail as_fields_t_invalid: spec: 12/16 description: as t= invalid message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=K4NE5fZ5bskXwVAbySXpU9ys/ls+gL97+qh/HSFgSAkBzAxQ355pWkGTKLG3SX95OEljIO tFiBuwYKIiBXwYbl6vpsZpjS3AwwdtV+rFqwVT0oCwRv2SU8v+wvg/2uzgUMciit+WNI0sYr +HgFzkt6yR3Jpg8Y/49qKPXZcYR3I=; cv=none; d=example.org; i=1; s=dummy; t=-123.4 ARC-Message-Signature: a=rsa-sha256; b=uB8ov69KIWfAiTqT9UOTg9p4m0u8Zi01NUVf0iyzeNBpJR9VecE81x2VzQBxfPnp5p3uSd H7A/ExuHutPbPzSJh62u0HpIIoSoxzZtSeESFwIJJe81Iv8SiuIuwCtih+wcNxPEoou7G0F3 fRI+n99QEFryjk9dsPBGW4NFxNzIA=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB dummy2._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB 512._domainkey.example.org: >- v=DKIM1; k=rsa; p= MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIWmlgix/84GJ+dfgjm7LTc9EPdfk ftlgiPpCq4/kbDAZmU0VvYKDljjleJ1dfvS+CGy9U/kk1tG3EeEvb82xAcCAwEAAQ== 1024._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyBwu6PiaDN87t3DVZ84zIrE hCoxtFuv7g52oCwAUXTDnXZ+0XHM/rhkm8XSGr1yLsDc1zLGX8IfITY1dL2CzptdgyiX7vgYjzZqG368 C8BtGB5m6nj26NyhSKEdlV7MS9KbASd359ggCeGTT5QjRKEMSauVyVSeapq6ZcpZ9JwQIDAQAB 2048._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+7VkwpTtICeJFM4Hf UZsvv2OaA+QMrW9Af1PpTOzVP0uvUFK20lcaxMvt81ia/sGYW4gHp/WUIk0BIQMPVhUeCIuM1mcOQNFS OflR8pLo916rjEZXpRP/XGo4HwWzdqD2qQeb3+fv1IrzfHiDb9THbamoz05EX7JX+wVSAhdSW/igwhA/ +beuzWR0RDDyGMT1b1Sb/lrGfwSXm7QoZQtj5PRiTX+fsL7WlzL+fBThySwS8ZBZcHcd8iWOSGKZ0gYK zxyuOf8VCX71C4xDhahN+HXWZFn9TZb+uZX9m+WXM3t+P8CdfxsaOdnVg6imgNDlUWX4ClLTZhco0Kmi BU+QIDAQAB --- description: >- AAR Set Structure tests: aar_struct_i_na: description: AAR i= NA message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=XPyfGHSOsXbhiqnRuLe8aUcX7VI+ULipPwkVdyFW3vrDgWis0ZGj5Exi7MVCEZqHCPRrz6 cE/MCiMIKvLKaNOoN2RiMmGxReyuMqxB1cFgrlYSsY2juOuKruRwnyvdojfJKxkZtuwbCbEI oP7AxLlImiJh8dL65hcqiVYYwkCVo=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=pT/KGdemFeMECKnNp/zUgBi7JEBkqLYi6OiuMNFk1lu9MvIVAphMo5Qd+HwcmduHcKnTuE BR6G1f+FvrikTsz71tFpmz7YMQDVfnd889YqzIMfkrHVmYz3Tqkm/leEozN+3QSDthphCGja elxeYITZ88vPyJgjqeB1RZbZA8w1w=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail aar_struct_i_empty: description: AAR i= empty message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=2bCJqMNBHeHfGn4ydivoDNuXl5l4/uFJRjSq20B1IFuEwXRBItAHyrnJ2kAeKyN2vDyF38 aeVMW3JpEr6YYbdWz/QIbn9PfQRLJw8mDAdIWIeDf77ckQL9pBS9u4KnPzSRlvBrMvTJcHI0 X78AQ+sF7GHuW+TQE3w76leY5chNg=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=ssDGg3IC3l9eIU0QVB6442p+icX6zrpaCDc6MdnR9waROdPPl4ThcRHhU19nHBlEqvc6Nj heWBORRpH93dQ2gC1dh/kYpOu7GUr7rbTzO3FYICnbTCbZWHHkyRPjKGUDLKZxt2zOnT1g+I FiLSqI5zVyKX98w5q0cUroUaFYyOg=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail aar_struct_i_zero: description: AAR i=0 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=KylBhAsgxwZcei83U8RCLOL6VAKrUTEqgMRFrfs4wdvOfJhb4QLzeJoNuL0rru8pWd/y9/ zEYgBxCGpOGkoEXyzrDE+2wbNPn04kjJuTpMfRbHljy6kjHXRf8jgy44iDS6zx2dkV+YRP4n STyZLdj+YcIrTvl/DSzidIX+QF8tE=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=G459JFdl2PXVaqhTFJwqpBaOCUiASVtWpkiQrIPiLPDpPoGT3AhaoPDpM3ogUhURRBAkQD bJqcY2XJ2F2NAWf260C7T/q0DlO6D0/E6IsqiY5seqiBCPIGf4B2yMjnQXf1qTHFNbbJGICi k6bE4r1ZCT7Cu9CWFCCq9TWEthhfw=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=0; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail aar_struct_invalid: description: AAR i= invalid value message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=ye9OTXk3fAWUMwhQFsBSTjaDkrXXFzifyP5c7No0TriPbeFK0cayi6FgudLVsSFLvibCAJ txOi+Zfx9rn0TyhsNspRg/PY8+VSZJZtxOW7cJ/6nLZPh3XKfhx39QDQPjyc3dd03bpAckRH b6vJuM9vmpgB4y3WnnvWH9H05wfMo=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=fusc8GIuNpkjd8jbi8g5feEaRugmDELIl/M3u+QCZjF4Sw4SVFS8tRy8DI8XA/49D4mfmc NuClgRzBZJSeyd1w6tDyt0mebBKMAWqJXK25B6ON3QTeXTudB5447VckaoUn0k+U75fkyiKk l2ZmwWGNx0jBif2Py0gSwhFajD77g=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=squanch; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail aar_struct_dup: description: Duplicated AAR for i=1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail aar_struct_missing: description: Missing AAR for i=1 message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=dOdFEyhrk/tw5wl3vMIogoxhaVsKJkrkEhnAcq2XqOLSQhPpGzhGBJzR7k1sWGokon3TmQ 7TX9zQLO6ikRpwd/pUswiRW5DBupy58fefuclXJAhErsrebfvfiueGyhHXV7C1LyJTztywzn QGG4SCciU/FTlsJ0QANrnLRoadfps=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Arc Authentication Results tests: aar_missing: spec: 12/16 description: missing arc authentication results message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail aar_i_missing: spec: 12/16 description: arc authentication results no i= tag message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail aar_i_wrong: spec: 12/16 description: arc authentication results wrong i= tag message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=2; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail aar_i_not_prefixed: spec: 12/16 description: arc authentication results i= not prefixed message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: lists.example.org; i=1; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail aar_i_no_semi: spec: 12/16 description: arc authentication results i= no semicolon message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1 lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail aar2_missing: spec: 12/16 description: aar missing for i=2 message: | MIME-Version: 1.0 ARC-Seal: a=rsa-sha256; b=CiZp+ZloBeWiIyjY+Eq0lKt20KQDF3QIJNw7+/jdjtQ1XTSMhHsli7H/ocIXsiU/kLF5pn pABQiZPvAWfCaEcCA9lyb/7i3q2i72GLdK1vdrdD2nIM5e7L3u/5Z56SJdKTu46SyoFQve9b Cp7qoQB9/TUTxxvkDoapsSjDCDqZ0=; cv=pass; d=example.org; i=2; s=dummy; t=12346 ARC-Message-Signature: a=rsa-sha256; b=A2OCip1Cf9z6X7ML9/bRajnToeCD3H7IkP7YqmSKqDtn8Yu8oaJdwP0lZfCTjX++Qas9nj tGWMojFpj8Wd2rzdyMXwUWF3xlcFBD2gApO9xbehIASIF4lFQMyP6D80LjsjdtpstgwGZl9P y6WTyD1Kw/bNPZadxvNeDg3LVcQpo=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=2; s=dummy; t=12346 Received: by 10.157.11.240 with SMTP id 103csp420860oth; Fri, 6 Jan 2017 14:27:31 -0800 (PST) Return-Path: ARC-Seal: a=rsa-sha256; b=RkKDOauVsqcsTEFv6NVE6J0sxj8LUE4kfwRzs0CvMg/+KOqRDQoFxxJsJkI77EHZqcSgwr QKpt6aKsl2zyUovVhAppT65S0+vo+h3utd3f8jph++1uiAUhVf57PihDC/GcdhyRGa6YNQGh GoArSHaJKb06/qF5OBif8o9lmRC8E=; cv=none; d=example.org; i=1; s=dummy; t=12345 ARC-Message-Signature: a=rsa-sha256; b=SMBCg/tHQkIAIzx7OFir0bMhCxk/zaMOx1nyOSAviXW88ERohOFOXIkBVGe74xfJDSh9ou ryKgNA4XhUt4EybBXOn1dlrMA07dDIUFOUE7n+8QsvX1Drii8aBIpiu+O894oBEDSYcd1R+z sZIdXhOjB/Lt4sTE1h5IT2p3UctgY=; bh=dHN66dCNljBC18wb03I1K6hlBvV0qqsKoDsetl+jxb8=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass MIME-Version: 1.0 Return-Path: Received: by 10.157.52.162 with SMTP id g31csp5274520otc; Tue, 3 Jan 2017 12:32:02 -0800 (PST) X-Received: by 10.36.31.84 with SMTP id d81mr49584685itd.26.1483475522271; Tue, 03 Jan 2017 12:32:02 -0800 (PST) Message-ID: Date: Thu, 5 Jan 2017 14:39:01 -0800 From: Gene Q Doe To: arc@dmarc.org Subject: Example 2 Content-Type: multipart/alternative; boundary=001a113e15fcdd0f9e0545366e8f --001a113e15fcdd0f9e0545366e8f Content-Type: text/plain; charset=UTF-8 This is a test message --001a113e15fcdd0f9e0545366e8f Content-Type: text/html; charset=UTF-8
This is a test message
--001a113e15fcdd0f9e0545366e8f-- cv: Fail txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB --- description: >- Public Key tests: public_key_na: spec: 12/16 description: public key not available message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=xEoL/6DZn2+/oIsSIAFRrnQdhyrH/aSGdRqBphcyZvTLhDyd8sPHIqNsr0HROjIybe3lUG /YlYIftmAUP3E7kWbfU7HrolZ/5f4eB0tciltpSyBUPzM2D30IxGmqUvQxk5ATb7WxKAUs4x XiTmx1MaAUKAExlm45pwp5wEoU/D8=; cv=none; d=example.org; i=1; s=na; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail public_key_invalid: spec: 12/16 description: public key invalid message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=G6sqFlzmC87EiD80V9Da8JURM2MUxp1tK3iUxrQdSJ6odUYPT8ApwE1GWodzs8UDuKemL+ qn7E29nhcK8pwjLjWNilPTZJ1Bt1TS8QersJsEe4tD+rcbGd8ZU8C2UcUpv0TFv3m4GrNbwx JFFf9r1x5VkXulzTwIo1VW6avKShw=; cv=none; d=example.org; i=1; s=invalid; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Fail ams_as_diff_s_d: spec: 12/16 description: differing domains & selectors across ams & as message: | MIME-Version: 1.0 Return-Path: ARC-Seal: a=rsa-sha256; b=Q6K/T+/5h+nkCtO8UVhb5uwy5ozplfBvOV0lSOCIuzDoTlPNg1chaN+04US/AWxvOrBTZf hzXXdVjXMv2sX4+4ebSegZN7GTakDCd+vfBtF30jR4csBqlhW25NSyLeleZnIMf5I5G4vu5+ Ab38xWCoKnMKTPsPebT273ALMfzOw=; cv=none; d=example2.org; i=1; s=dummy2; t=12345 ARC-Message-Signature: a=rsa-sha256; b=QsRzR/UqwRfVLBc1TnoQomlVw5qi6jp08q8lHpBSl4RehWyHQtY3uOIAGdghDk/mO+/Xpm 9JA5UVrPyDV0f+2q/YAHuwvP11iCkBQkocmFvgTSxN8H+DwFFPrVVUudQYZV7UDDycXoM6UE cdfzLLzVNPOAHEDIi/uzoV4sUqZ18=; bh=KWSe46TZKCcDbH4klJPo+tjk5LWJnVRlP5pvjXFZYLQ=; c=relaxed/relaxed; d=example.org; h=from:to:date:subject:mime-version:arc-authentication-results; i=1; s=dummy; t=12345 ARC-Authentication-Results: i=1; lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: from segv.d1.example (segv.d1.example [72.52.75.15]) by lists.example.org (8.14.5/8.14.5) with ESMTP id t0EKaNU9010123 for ; Thu, 14 Jan 2015 15:01:30 -0800 (PST) (envelope-from jqd@d1.example) Authentication-Results: lists.example.org; spf=pass smtp.mfrom=jqd@d1.example; dkim=pass (1024-bit key) header.i=@d1.example; dmarc=pass Received: by 10.157.14.6 with HTTP; Tue, 3 Jan 2017 12:22:54 -0800 (PST) Message-ID: <54B84785.1060301@d1.example.org> Date: Thu, 14 Jan 2015 15:00:01 -0800 From: John Q Doe To: arc@dmarc.org Subject: Example 1 Hey gang, This is a test message. --J. cv: Pass txt-records: dummy._domainkey.example.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkHlOQoBTzWRiGs5V6NpP3id Y6Wk08a5qhdR6wy5bdOKb2jLQiY/J16JYi0Qvx/byYzCNb3W91y3FutACDfzwQ/BC/e/8uBsCR+yz1Lx j+PL6lHvqMKrM3rG4hstT5QjvHO9PzoxZyVYLzBfO2EeC3Ip3G+2kryOTIKT+l/K4w3QIDAQAB dummy2._domainkey.example2.org: >- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDR3lRpGZS+xO96Znv/BPNQxi m7ZD0v6yFmZa9Rni5FHCeWuQwcp+PH/XXOyF6JsmB+kS0ybxJnx594ulqH2KvLMNsGAD+yRl2bJSXbBH ea7K9C5WX8Vjx3oPoGgw7QCONptnjUsbIIoxUZBEUe17eG44H/PbDqGwCBiyI20KEC/wIDAQAB invalid._domainkey.example.org: >- v=DKIM1; k=rsa; omgwhatsgoingon Mail-DKIM-1.20200907/t/arc_test_suite/README.txt0000644000175000017500000000020113725344750017131 0ustar marcmarcThese files are included from the arc_test_suite Copyright <2017> ValiMail Inc. https://github.com/ValiMail/arc_test_suite.git Mail-DKIM-1.20200907/t/dev-manifest.t0000644000175000017500000000061513725344750015176 0ustar marcmarc#!perl -T use 5.006; use strict; use warnings FATAL => 'all'; use Test::More; unless ( $ENV{RELEASE_TESTING} ) { plan( skip_all => "Author tests not required for installation" ); } my $min_tcm = 0.9; eval "use Test::CheckManifest $min_tcm"; plan skip_all => "Test::CheckManifest $min_tcm required" if $@; ok_manifest( { 'filter' => [ qr/\.git/, qr/\/\.travis\.yml/, ], } ); Mail-DKIM-1.20200907/t/signature.t0000755000175000017500000000507313725344750014623 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::Simple tests => 12; use Mail::DKIM::Signature; use Mail::DKIM::TextWrap; my $signature = Mail::DKIM::Signature->new(); ok( $signature, "new() works" ); $signature->algorithm("rsa-sha1"); ok( $signature->algorithm eq "rsa-sha1", "algorithm() works" ); $signature->canonicalization( "relaxed", "simple" ); my ( $header_can, $body_can ) = $signature->canonicalization; ok( $header_can eq "relaxed", "canonicalization() works (I)" ); ok( $body_can eq "simple", "canonicalization() works (II)" ); my $combined = $signature->canonicalization; ok( $combined eq "relaxed/simple", "canonicalization() works (III)" ); $signature->canonicalization("simple/relaxed"); ok( $signature->canonicalization eq "simple/relaxed", "canonicalization() works (IV)" ); my $unparsed = "DKIM-Signature: a=rsa-sha1; c=relaxed"; $signature = Mail::DKIM::Signature->parse($unparsed); ok( $signature, "parse() works (I)" ); $unparsed = "DKIM-Signature: a = rsa-sha1; c = simple/simple; d = example.org ; h = Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; s = foo; b=aqanVhX/f1gmXSdVeX3KdmeKTZb1mkj1y111tZRp/8tXWX/srpGu2SJ/+O06fQv8YtgP0BrSRpEC WEtFgMHcDf0ZFLQgtm0f7vPBO98vDtB7dpDExzHyTsK9rxm8Cf18"; $signature = Mail::DKIM::Signature->parse($unparsed); ok( $signature, "parse() works (II)" ); ok( $signature->domain eq "example.org", "parse() correctly handles spaces" ); print "#BEFORE->\n" . $signature->as_string . "\n"; $signature->prettify_safe; print "#SAFE--->\n" . $signature->as_string . "\n"; $signature->prettify; print "#PRETTY->\n" . $signature->as_string . "\n"; check_pretty( $signature->as_string ); $unparsed = "DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ijs.si; s=jakla2;\n\tt=1225813757; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; b="; $signature = Mail::DKIM::Signature->parse($unparsed); ok( $signature, "parse() works (III)" ); print "#BEFORE->\n" . $signature->as_string . "\n"; $signature->data("blah"); print "#AFTER-->\n" . $signature->as_string . "\n"; my $first_part_1 = ( $signature->as_string =~ /^(.*?b=)/s )[0]; $signature->prettify_safe; print "#PRETTY->\n" . $signature->as_string . "\n"; my $first_part_2 = ( $signature->as_string =~ /^(.*?b=)/s )[0]; ok( $first_part_1 eq $first_part_2, "signature preserved with prettify_safe" ); sub check_pretty { my $str = shift; my @lines = split /\n/s, $str; my $any_long_lines = grep { length($_) > 72 } @lines; ok( !$any_long_lines, "any lines exceed 72 characters" ); } Mail-DKIM-1.20200907/t/corpus/0000775000175000017500000000000013725344750013742 5ustar marcmarcMail-DKIM-1.20200907/t/corpus/good_rfc4871_3.txt0000644000175000017500000000132513725344750017032 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date:message-id; q=dns/txt; s=test1; foo=bar; bh=a1tsxn+Nkk390KsMynntsb/bycM=; b=U0zAE8NPDILfQP9A5fpD35v5SVa/9e+Vrh7hDJpFzram1eVYZTkJmNqHdSF5nBPaCcRt6XBWR9InJkSl/UttZQ== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (sig. has extra tags) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/ignore_8.txt0000644000175000017500000000133713725344750016217 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date:message-id; q=dns/txt; s=test1; i=jon@example.org; bh=a1tsxn+Nkk390KsMynntsb/bycM=; b=geBkkvsxno7gZuGYSZmebXgM4G2V35hojxZduBbI5gFLBSUIF0D4NIbzrjbZnuoz7wOjZCXueHxtRidSAHanOw== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (i= has wrong domain) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_3.txt0000644000175000017500000000145213725344750016164 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=testbad1; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=fTmnR2WeabrW0qAlIDm25QOI8pEVfKayiu56bNQeIg7Qbcg7SEeq9Y71MU5WK11DWUwg2+nruwq+y22VQq/Wtw+014kTkfT073wMlTBjeZqNl63T+whlwgUAIjgR6XuR+BP6bc1/nRBbVB7Wjfctj5yNUgGCZqxVEh07wBtgFg0= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (badkey_3) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/no_body_1.txt0000644000175000017500000000135713725344750016360 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=selector1; bh=uoq1oCgLlTqpdDX/iUbLy7J1Wic=; b=akH0wLCX2J61xzcSfd8vo9wH9BYTddfmyUQPxIwZTVLjCwCyUtE88owD4zKDa8RZ9lqbkpa0z+oRiTvTT/defySlWs9fT3HIcQ+GcrhV2DF7+4BY+VHf9Qk0ML4ajwq3s+r8zfM/+hv2D1K/BuNgf+AIKyC7axz0b4CsfdBSZI4= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test - empty body Date: Wed, 22 Feb 2007 09:11:00 -0500 Message-ID: <20070222091100@test.messiah.edu> Mail-DKIM-1.20200907/t/corpus/badkey_2.txt0000644000175000017500000000145513725344750016166 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=testrevoked; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=fTmnR2WeabrW0qAlIDm25QOI8pEVfKayiu56bNQeIg7Qbcg7SEeq9Y71MU5WK11DWUwg2+nruwq+y22VQq/Wtw+014kTkfT073wMlTBjeZqNl63T+whlwgUAIjgR6XuR+BP6bc1/nRBbVB7Wjfctj5yNUgGCZqxVEh07wBtgFg0= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (badkey_2) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/mine_ietf01_4.txt0000644000175000017500000000145013725344750017024 0ustar marcmarcDKIM-Signature: a=rsa-sha256; c=relaxed; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; bh=wFR5pSNOmhbMZz1RLNBFllRfc72sMxK5gTMq/iO1mec=; b=P74upWoriEJAAWayBhBb+I2uYuF328LBQ1vvzIDmufKrBPed1Jdpz0pmGTOe7TOdOCs75mMZ/vHDI24d07u8HS2CAT6DNVcxGGMdTB1cdOU8zPZA0dMkf8E8cz/d1BP7TgIINvS9CdB13XeddvYuiw3jATCoMFxLxJmQ7E44Tgg= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/goodkey_4.txt0000644000175000017500000000136613725344750016373 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to: subject:date:message-id; q=dns/txt; s=test1; i=jlong@messiah.edu; bh= a1tsxn+Nkk390KsMynntsb/bycM=; b=FE5JP1m+QoWKRybcAWo/Uae/WcbDkMFh 0JQYRN0PdhHqH7CS4izjiIj7t6CXIbF6PD7S5FUbQ5Swt2ffR6F0/Q== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (i= using subdomain, should pass) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/bad_dk_2.txt0000644000175000017500000000072313725344750016130 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=simple; d=messiah.edu; q=dns; s=test1; b=DmkekrvBPH2D/VSZU9vSOk/xWrllr QUy9KbJf/0IiMiILDXUIdQsf0J3DgGu3I/mez54kh/1bUA9r7b0plE2CA== From: Jason Long Sender: George To: Nobody Subject: domainkeys test - no h= tag Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_dk_5.txt0000644000175000017500000000135313725344750016335 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=nofws; d=messiah.edu; h=from:sender:to: subject:date:message-id; q=dns; s=test4; b=i5J01ofFaB5XDFC9+O3nb mcThOO+QW75bwDxNWVt+PsZOuTqB8qu1v9wu9mC6VF3I56lpwQIQEgZoecCQT4eb Q== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: George Sender: Jason Long To: Nobody Subject: domainkeys test (key has empty g=, should pass) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_qp_3.txt0000644000175000017500000000127213725344750016355 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to :subject:date; s=test3; i=jlong=40messiah.edu; bh=OW2otvzd7V2TO8 w056SjbYRFCa0=; b=DqfCOAEklcd1hgviRVra6RtufRW8JjdJ/h6tQmCOi3ATVD /HakPtw/OqNsMPGBAwUkIYpi1mbt+t09sFj74unw== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (i= uses quoted-printable) Date: Wed, 9 Apr 2008 09:11:00 -0500 Should pass. This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_qp_2.txt0000644000175000017500000000127213725344750016354 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to :subject:date; s=test3; i=jlong@messiah=2Eedu; bh=OW2otvzd7V2TO8 w056SjbYRFCa0=; b=TuQa6fkzR09SXKTV2LOWHmzVawRieFypY3x9ZhXsEul6+H /odHbD71uDwBEFdkWwNh7n/WKWjy7gqyftQ0/ung== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (i= uses quoted-printable) Date: Wed, 9 Apr 2008 09:11:00 -0500 Should pass. This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_ietf01_1.txt0000644000175000017500000000235013725344750017021 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 02F12E15D8 for ; Wed, 3 May 2006 15:06:32 -0400 (EDT) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006050319071918800spa0re>; Wed, 3 May 2006 19:07:19 +0000 DKIM-Signature: a=rsa-sha256; c=relaxed; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+yReZddQR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPz/Iy3wNwbVU6dih6ozokPXqAvI6p9iG5SqFahyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: this is a test message minimum.ietf-01.sha256-relaxed Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060503190632.02F12E15D8@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/no_body_3.txt0000644000175000017500000000136313725344750016357 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=selector1; bh=uoq1oCgLlTqpdDX/iUbLy7J1Wic=; b=akH0wLCX2J61xzcSfd8vo9wH9BYTddfmyUQPxIwZTVLjCwCyUtE88owD4zKDa8RZ9lqbkpa0z+oRiTvTT/defySlWs9fT3HIcQ+GcrhV2DF7+4BY+VHf9Qk0ML4ajwq3s+r8zfM/+hv2D1K/BuNgf+AIKyC7axz0b4CsfdBSZI4= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test - empty body Date: Wed, 22 Feb 2007 09:11:00 -0500 Message-ID: <20070222091100@test.messiah.edu> Mail-DKIM-1.20200907/t/corpus/ignore_2.txt0000644000175000017500000000144113725344750016205 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-md5; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=NjJBlNqLnQcz8zwF899l4JHO0blD3rRSlR3mPiOLa137fG5RSKOHeYle0U5sBcRNwIUQub+kpXhi9snZqf0zbRfO+TBaZ8dfdVRzX0d4n0PoQCX453fAAnmZcsgD3jevR+R0J/oa1Ao1A0Oj5X7mwut35QcwjIi42bDIjsFP9xk= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> Ignore this signature; it has an unsupported digesting algorithm. Mail-DKIM-1.20200907/t/corpus/mine_ietf05_1.txt0000644000175000017500000000150713725344750017030 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=selector1; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=fTmnR2WeabrW0qAlIDm25QOI8pEVfKayiu56bNQeIg7Qbcg7SEeq9Y71MU5WK11DWUwg2+nruwq+y22VQq/Wtw+014kTkfT073wMlTBjeZqNl63T+whlwgUAIjgR6XuR+BP6bc1/nRBbVB7Wjfctj5yNUgGCZqxVEh07wBtgFg0= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here This message has a v=0.5 signature. Blah blah blah Mail-DKIM-1.20200907/t/corpus/bad_dk_4.txt0000644000175000017500000000065313725344750016134 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=simple; d=messiah.edu; q=; s=test1; b=DmkekrvBPH2D/VSZU9vSOk/xWrllr QUy9KbJf/0IiMiILDXUIdQsf0J3DgGu3I/mez54kh/1bUA9r7b0plE2CA== From: Jason Long To: Nobody Subject: domainkeys test - no h= tag Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/goodkey_3.txt0000644000175000017500000000123313725344750016363 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date; q=dns/txt; s=test3; i=jlong@messiah.edu; bh=N9OQp3Fydw5h5SJ1UDyZrgBPEDU=; b=RwH23zxIJNWSjpzNY3SnADAsHf4sjDqxPwcDC+uEUsnlqjeKG9cS3aX1ID+d6vVz+uuRjFKh0wxvOFeQVF4wcA== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (goodkey_3) Date: Wed, 7 Dec 2005 09:11:00 -0500 This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/dk_headers_1.txt0000644000175000017500000000314313725344750017013 0ustar marcmarcReceived: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.174]) by mx2.messiah.edu (Postfix) with ESMTP id 79F442ADB4D for ; Tue, 10 Oct 2006 15:27:14 -0400 (EDT) Received: by ug-out-1314.google.com with SMTP id 29so952130ugc for ; Tue, 10 Oct 2006 12:27:13 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=JOYJLw6miPAjUXx+gIQm3NsWuFInq05TuJppyoxqTopYPe3bSKzRBPLw5X+OMO36re/FDEfZnOjJ4cNYvVPuld6JEikNjk2RK98unQvcdkgBPZODuE7g/vXgLZo005nQkwvfd+4dbpHiINsOTT/0ASxQ+65OcgBu0CRR/DO7z/M= Received: by 10.66.240.12 with SMTP id n12mr8614290ugh; Tue, 10 Oct 2006 12:27:12 -0700 (PDT) Received: by 10.67.96.17 with HTTP; Tue, 10 Oct 2006 12:27:12 -0700 (PDT) Date: Tue, 10 Oct 2006 15:27:12 -0400 From: "Jason Long" To: jlong@messiah.edu Subject: Test from gmail Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_20675_4029655.1160508432731" ------=_Part_20675_4029655.1160508432731 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline This message sent from Gmail. ------=_Part_20675_4029655.1160508432731 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline This message sent from Gmail.
------=_Part_20675_4029655.1160508432731-- Mail-DKIM-1.20200907/t/corpus/goodkey_2.txt0000644000175000017500000000120613725344750016362 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date; q=dns/txt; s=test2; bh=N9OQp3Fydw5h5SJ1UDyZrgBPEDU=; b=sROAwTBt1swNXbyYeo2ZNgjk0fBh8oohypYpT5WxUSK5nOwex4/FQNJ0r+m8Y2L3bez96rFCwd+E0Nq/YLv+yQ== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (goodkey_2) Date: Wed, 7 Dec 2005 09:11:00 -0500 This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_83176.txt0000644000175000017500000000117613725344750016206 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to :subject:date; s=test6; q=foo/bar:dns/txt:exam/ple; bh=N9OQp3Fyd w5h5SJ1UDyZrgBPEDU=; b=V8HzPqEKKPcpbMlhrG5NllrKYkPMesJ8ifRa6jQOa eQ4Dj+yRToplcOiDdlKx/vqRDLlJIxfCa62ItoUeD5yU+XCYsf16m/l1N3ZpAjOU umTb7sctxq55AGvRvrH63fATlRLYhJMskU+1AaziLUL164Xyy9zpt49mpNrt5g7G mM= Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (checking issue rt.cpan.org 83176) Date: Wed, 6 Feb 2013 09:11:00 -0500 This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_ietf00_5.txt0000644000175000017500000000225113725344750017024 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id B3646731A1 for ; Wed, 1 Mar 2006 16:27:13 -0500 (EST) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006030121275918800sp93le>; Wed, 1 Mar 2006 21:27:59 +0000 DKIM-Signature: a=rsa-sha1; c=simple; d=vmt2.cis.att.net; t=1141248470; h=DaTe : FrOm : MiMe-vErSiOn : To : SuBjEcT : CoNtEnT-TyPe : CoNtEnT-TrAnSfEr-eNcOdInG; s=foo; b=N6Jpj0Mneee9OsJhnqZzOAk7gqmVRvgFX8/jV1evzep969M29rdRpsk8LPXKXiSNElYtpUaDfdwE x7QGFVbY9vAouC1uoCWN0E08WgKuwRbFWSOUraXUuzdgh0/j4nxp Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: test with mixed case h=hdr names simple Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060301212713.B3646731A1@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/badkey_11.txt0000644000175000017500000000140313725344750016237 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha256; c=simple; d=messiah.edu; h=from:to: subject:date:message-id; q=dns/txt; s=test2; bh=yWVxGwA0isgTMZQY PnTyKv2gX8+hj4nSW9BGUYd/EbI=; b=IBgb6pvA1+zfgPfBUPf53yvBlA+czl1f vMVOd31CJ9QvMe2yp4AjoTTJKvZ93gisUV3uigJZryLeJV1SpfMBTw== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (h= requires sha1, not sha256, so it should fail) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_ietf00_3.txt0000644000175000017500000000251313725344750017023 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id D393973174 for ; Fri, 3 Mar 2006 10:39:08 -0500 (EST) Date: Fri, 3 Mar 2006 15:34:36 +0000 (GMT) X-Comment: Sending client does not conform to RFC822 minimum requirements X-Comment: Date has been added by Maillennium Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006030315343618800sp98me>; Fri, 3 Mar 2006 15:34:36 +0000 DKIM-Signature: a=rsa-sha1; c=relaxed; d=vmt2.cis.att.net; t=1141353705; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; s=foo; b=Xg6KO55vExLhrTCaJExpU+YOnP6cxxsdPs7TzpmbLWImD/p1nR/VoBZh+mEzpyJmAs6m+ETqjo3l J8nvtgJmvMdRF3g5RJa+DnStZVydMOlfRasQDT6wnjLG0vNa72eN Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: prefixed blanks test message relaxed Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060303153908.D393973174@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/good_dk_7.txt0000644000175000017500000000074413725344750016342 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject: date:message-id; q=dns; s=test1; b=rpgP51ZIZ69J8F1XOImeXrROOXPZj NNkJ2GcB0wxm43/Uq0E1Mg6jyEFr/S0Y6gvDrhnjJAAxM4RQ76xPC2Odw== From: Jason Long To: Nobody Subject: domainkeys test - case-different domain names Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/mine_ietf01_3.txt0000644000175000017500000000144713725344750017031 0ustar marcmarcDKIM-Signature: a=rsa-sha256; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; bh=wFR5pSNOmhbMZz1RLNBFllRfc72sMxK5gTMq/iO1mec=; b=DeszbIPSQpibaxLRk4BoOmdRVulYKZCtHLVIQ0gVMJ0WGz9AQgyc7Oi7l8cwYFK7lGmpCAaie8GcbX9IZrJI4xCcinMImVcmPafM4GtJI1V5mWb+f3lltvzowyMU4TQPzy/IiABKmf5OHW0ydrMEbS0brKX6Lc4s9qerpKwYd1M= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/bad_1.txt0000644000175000017500000000234013725344750015446 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 02F12E15D8 for ; Wed, 3 May 2006 15:06:32 -0400 (EDT) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006050319071918800spa0re>; Wed, 3 May 2006 19:07:19 +0000 DKIM-Signature: a=rsa-sha256; c=relaxed; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+yReZddQR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPzVU6dih6ozokPXqAvI6p9iG5SqFahyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: this is a test message minimum.ietf-01.sha256-relaxed Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060503190632.02F12E15D8@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/bad_ietf01_2.txt0000644000175000017500000000232013725344750016615 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 02F12E15D8 for ; Wed, 3 May 2006 15:06:32 -0400 (EDT) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006050319071918800spa0re>; Wed, 3 May 2006 19:07:19 +0000 DKIM-Signature: a=rsa-sha256; c=relaxed; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+yReZddQR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPz/Iy3wNwbVU6dih6ozokPXqAvI6p9iG5SqFahyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: this subject has been altered Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060503190632.02F12E15D8@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/good_ietf00_2.txt0000644000175000017500000000253313725344750017024 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 5C2EB733A7 for ; Fri, 3 Mar 2006 10:39:09 -0500 (EST) Date: Fri, 3 Mar 2006 15:34:38 +0000 (GMT) X-Comment: Sending client does not conform to RFC822 minimum requirements X-Comment: Date has been added by Maillennium Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006030315343818800sp98ne>; Fri, 3 Mar 2006 15:34:38 +0000 DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=vmt2.cis.att.net; t=1141353706; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; s=foo; b=MAI8z5Tnc7kzh4ffqKgfbGtbRQtqSO51sYw0FHWDX62GELvDNqHRaJ+y/Std+qDATrcHXkBKqj2N 98d6i6KkM07pavFVlD3WOa83SeRk5Izma32WncKyG3nfFX4lYUwz Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: prefixed blanks test message relaxed/relaxed Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060303153909.5C2EB733A7@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/ignore_4.txt0000644000175000017500000000145213725344750016211 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=future; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=NjJBlNqLnQcz8zwF899l4JHO0blD3rRSlR3mPiOLa137fG5RSKOHeYle0U5sBcRNwIUQub+kpXhi9snZqf0zbRfO+TBaZ8dfdVRzX0d4n0PoQCX453fAAnmZcsgD3jevR+R0J/oa1Ao1A0Oj5X7mwut35QcwjIi42bDIjsFP9xk= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> Ignore this signature; it has an unsupported canonicalization method. Mail-DKIM-1.20200907/t/corpus/bad_ietf01_3.txt0000644000175000017500000000235013725344750016621 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 02F12E15D8 for ; Wed, 3 May 2006 15:06:32 -0400 (EDT) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006050319071918800spa0re>; Wed, 3 May 2006 19:07:19 +0000 DKIM-Signature: a=rsa-sha256; c=relaxed; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+yReZddQR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPz/I+this+signature+has+been+altered+hyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: this is a test message minimum.ietf-01.sha256-relaxed Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060503190632.02F12E15D8@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/goodkey_1.txt0000644000175000017500000000120613725344750016361 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date; q=dns/txt; s=test1; bh=N9OQp3Fydw5h5SJ1UDyZrgBPEDU=; b=ZiYNuPr43CrzT9wUwgAapNx0NUVrBAV3nXj8AlOTkCh3OqVaR13LVxlUKA9hbznugXETCKSENDr4hGBPvuMwcA== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (goodkey_1) Date: Wed, 7 Dec 2005 09:11:00 -0500 This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_7.txt0000644000175000017500000000145213725344750016170 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=testbad7; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=fTmnR2WeabrW0qAlIDm25QOI8pEVfKayiu56bNQeIg7Qbcg7SEeq9Y71MU5WK11DWUwg2+nruwq+y22VQq/Wtw+014kTkfT073wMlTBjeZqNl63T+whlwgUAIjgR6XuR+BP6bc1/nRBbVB7Wjfctj5yNUgGCZqxVEh07wBtgFg0= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (badkey_7) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_6.txt0000644000175000017500000000145213725344750016167 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=testbad4; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=fTmnR2WeabrW0qAlIDm25QOI8pEVfKayiu56bNQeIg7Qbcg7SEeq9Y71MU5WK11DWUwg2+nruwq+y22VQq/Wtw+014kTkfT073wMlTBjeZqNl63T+whlwgUAIjgR6XuR+BP6bc1/nRBbVB7Wjfctj5yNUgGCZqxVEh07wBtgFg0= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (badkey_6) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_rfc4871_4.txt0000644000175000017500000000103213725344750017026 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to: subject:date:message-id; q=dns/txt; s=test1; i=JLong@Messiah.Edu; bh= a1tsxn+Nkk390KsMynntsb/bycM=; b=CZ+EhwbclRQIvdhanykJLhkpMANaS/+c GTEQ/0Ziy6t4SqM9TIeRv3qfzm+4TRNxvfiEzfr5KcTyVOnIVuQW3A== From: Jason Long To: Nobody Subject: dkim test - case-differing domain name Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_4.txt0000644000175000017500000000145213725344750016165 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=testbad2; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=fTmnR2WeabrW0qAlIDm25QOI8pEVfKayiu56bNQeIg7Qbcg7SEeq9Y71MU5WK11DWUwg2+nruwq+y22VQq/Wtw+014kTkfT073wMlTBjeZqNl63T+whlwgUAIjgR6XuR+BP6bc1/nRBbVB7Wjfctj5yNUgGCZqxVEh07wBtgFg0= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (badkey_4) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/ignore_7.txt0000644000175000017500000000142113725344750016210 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date:message-id; q=dns/txt; s=selector1; x=1193229946; bh=ige3XiTAsWMkmHv+s6ZBSIbLNNc=; b=mRpAeHLMjhsluDZZpF+snljReZUX/MSFv9XShzGVo4wryMSvc5QEh/YtYwWmvm1gEwTgXbmhMgTmQuIIOggcQwlPurJSkz8Abx4HaHlhtFBIzAhc/R5Dfvh+Ni/tCPCqkOMiyE7yQjXBraxgZ9DpyFGf8JYZLDu1o6pz7hqeZcE= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (ignore_7) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> Ignore this signature, it is expired. Mail-DKIM-1.20200907/t/corpus/good_dk_6.txt0000644000175000017500000000065613725344750016343 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=simple; d=messiah.edu; q=dns; s=test1; b=DmkekrvBPH2D/VSZU9vSOk/xWrllr QUy9KbJf/0IiMiILDXUIdQsf0J3DgGu3I/mez54kh/1bUA9r7b0plE2CA== From: Jason Long To: Nobody Subject: domainkeys test - no h= tag Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/multiple_1.txt0000644000175000017500000000442713725344750016563 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 02F12E15D8 for ; Wed, 3 May 2006 15:06:32 -0400 (EDT) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006050319071918800spa0re>; Wed, 3 May 2006 19:07:19 +0000 DKIM-Signature: a=rsa-sha256; c=simple; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+yReZddQR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPz/Iy3wNwbVU6dih6ozokPXqAvI6p9iG5SqFahyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr DKIM-Signature: a=rsa-sha256; c=relaxed; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+yReZddQR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPz/Iy3wNwbVU6dih6ozokPXqAvI6p9iG5SqFahyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr DKIM-Signature: a=rsa-sha256; c=relaxed; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+QR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPz/Iy3wNwbVU6dih6ozokPXqAvI6p9iG5SqFahyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr DKIM-Signature: a=rsa-sha256; c=relaxed; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+yReZddQR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPzVU6dih6ozokPXqAvI6p9iG5SqFahyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: this is a test message minimum.ietf-01.sha256-relaxed Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060503190632.02F12E15D8@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/ignore_1.txt0000644000175000017500000000142713725344750016210 0ustar marcmarcDKIM-Signature: v=5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=NjJBlNqLnQcz8zwF899l4JHO0blD3rRSlR3mPiOLa137fG5RSKOHeYle0U5sBcRNwIUQub+kpXhi9snZqf0zbRfO+TBaZ8dfdVRzX0d4n0PoQCX453fAAnmZcsgD3jevR+R0J/oa1Ao1A0Oj5X7mwut35QcwjIi42bDIjsFP9xk= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This should be ignored because of a v=5 signature. Mail-DKIM-1.20200907/t/corpus/badkey_1.txt0000644000175000017500000000145513725344750016165 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=nonexistent; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=fTmnR2WeabrW0qAlIDm25QOI8pEVfKayiu56bNQeIg7Qbcg7SEeq9Y71MU5WK11DWUwg2+nruwq+y22VQq/Wtw+014kTkfT073wMlTBjeZqNl63T+whlwgUAIjgR6XuR+BP6bc1/nRBbVB7Wjfctj5yNUgGCZqxVEh07wBtgFg0= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (badkey_1) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/dk_multiple_1.txt0000644000175000017500000000361413725344750017236 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=simple; d=messiah.edu; h=date:from:to: subject:sender:message-id:mime-version:content-type; q=dns; s= test1; b=LtVZqGbwYWMXJVIEDEMJGKY6CxYOGPxlNVskEWTdOENGSjfuCe+sqrp e4K4pq6gh0J35O3qZZXrNC21g/gezyg== Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.174]) by mx2.messiah.edu (Postfix) with ESMTP id 79F442ADB4D for ; Tue, 10 Oct 2006 15:27:14 -0400 (EDT) Received: by ug-out-1314.google.com with SMTP id 29so952130ugc for ; Tue, 10 Oct 2006 12:27:13 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=foobar:received:message-id:date:from:to:barnone:subject:mime-version:content-type; b=JOYJLw6miPAjUXx+gIQm3NsWuFInq05TuJppyoxqTopYPe3bSKzRBPLw5X+OMO36re/FDEfZnOjJ4cNYvVPuld6JEikNjk2RK98unQvcdkgBPZODuE7g/vXgLZo005nQkwvfd+4dbpHiINsOTT/0ASxQ+65OcgBu0CRR/DO7z/M= Received: by 10.66.240.12 with SMTP id n12mr8614290ugh; Tue, 10 Oct 2006 12:27:12 -0700 (PDT) Received: by 10.67.96.17 with HTTP; Tue, 10 Oct 2006 12:27:12 -0700 (PDT) Date: Tue, 10 Oct 2006 15:27:12 -0400 From: "Jason Long" To: jlong@messiah.edu Subject: Test from gmail Sender: "George" Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_20675_4029655.1160508432731" ------=_Part_20675_4029655.1160508432731 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline This message sent from Gmail. ------=_Part_20675_4029655.1160508432731 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline This message sent from Gmail.
------=_Part_20675_4029655.1160508432731-- Mail-DKIM-1.20200907/t/corpus/badkey_8.txt0000644000175000017500000000132713725344750016172 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date:message-id; q=dns/txt; s=testbad8; i=jlong@messiah.edu; bh=N9OQp3Fydw5h5SJ1UDyZrgBPEDU=; b=A+2Cc4OXC/PhT/5zcWDPKh6JSidy2TC+7Ejg4vgXpIvsFU6nXFPxpT2jEpXuBvwcpXI7tAcFOFwwIwOwxIywuA== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (badkey_8) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/bad_dk_3.txt0000644000175000017500000000064713725344750016136 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=simple; d=messiah.edu; s=test1; b=DmkekrvBPH2D/VSZU9vSOk/xWrllr QUy9KbJf/0IiMiILDXUIdQsf0J3DgGu3I/mez54kh/1bUA9r7b0plE2CA== From: Jason Long To: Nobody Subject: domainkeys test - no h= tag Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_dk_yahoo.txt0000644000175000017500000000446213725344750017314 0ustar marcmarcReturn-Path: X-Original-To: dktest@mx2.messiah.edu Delivered-To: dktest@mx2.messiah.edu Received: from mx2.messiah.edu (localhost [127.0.0.1]) by mx2.messiah.edu (Postfix) with ESMTP id 4D4312A7FA9 for ; Tue, 10 Oct 2006 15:30:29 -0400 (EDT) X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on mymail1a.messiah.edu X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE autolearn=ham version=3.1.5 Received: from web34101.mail.mud.yahoo.com (web34101.mail.mud.yahoo.com [66.163.178.99]) by mx2.messiah.edu (Postfix) with SMTP id AAFAB2A9535 for ; Tue, 10 Oct 2006 15:30:28 -0400 (EDT) Received: (qmail 29991 invoked by uid 60001); 10 Oct 2006 19:30:27 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=AEpft01eHCTIX08AdBaACL0/1Qs+/xDO8CuOJI+MJWJyJX4elu9ciIUDee6SrnF0+RmDAYDKKfU7ImKhLZMJ/iB+aYC4d2HMp0YOUQfHyPUIc5IyurGpp9Rz7AY+9X+kj2eC3w7NrzRldLmnbrWRy+/XOpjF550uq/nwbMhmxLU= ; Message-ID: <20061010193027.29989.qmail@web34101.mail.mud.yahoo.com> Received: from [153.42.34.240] by web34101.mail.mud.yahoo.com via HTTP; Tue, 10 Oct 2006 12:30:27 PDT Date: Tue, 10 Oct 2006 12:30:27 -0700 (PDT) From: Jason Long Subject: test from Yahoo To: test@dktest.jason.long.name MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-237517700-1160508627=:29354" Content-Transfer-Encoding: 8bit --0-237517700-1160508627=:29354 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit This is testing DomainKeys from Yahoo. --------------------------------- Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. --0-237517700-1160508627=:29354 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: 8bit This is testing DomainKeys from Yahoo.


Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. --0-237517700-1160508627=:29354-- Mail-DKIM-1.20200907/t/corpus/good_qp_1.txt0000644000175000017500000000127213725344750016353 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to :subject:date; s=test3; i==6Along@messiah.edu; bh=OW2otvzd7V2TO8 w056SjbYRFCa0=; b=Vfr9HgUlyVf1ZaRVMV8VJNSDXn7f1j2N/rFM4PPmYIC2GD pSelCRrdA979Buuu/Mmx9FTWoZJBL+s5tafFM8bw== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (i= uses quoted-printable) Date: Wed, 9 Apr 2008 09:11:00 -0500 Should pass. This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/dk_headers_2.txt0000644000175000017500000000320513725344750017013 0ustar marcmarcReceived: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.174]) by mx2.messiah.edu (Postfix) with ESMTP id 79F442ADB4D for ; Tue, 10 Oct 2006 15:27:14 -0400 (EDT) Received: by ug-out-1314.google.com with SMTP id 29so952130ugc for ; Tue, 10 Oct 2006 12:27:13 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=foobar:received:message-id:date:from:to:barnone:subject:mime-version:content-type; b=JOYJLw6miPAjUXx+gIQm3NsWuFInq05TuJppyoxqTopYPe3bSKzRBPLw5X+OMO36re/FDEfZnOjJ4cNYvVPuld6JEikNjk2RK98unQvcdkgBPZODuE7g/vXgLZo005nQkwvfd+4dbpHiINsOTT/0ASxQ+65OcgBu0CRR/DO7z/M= Received: by 10.66.240.12 with SMTP id n12mr8614290ugh; Tue, 10 Oct 2006 12:27:12 -0700 (PDT) Received: by 10.67.96.17 with HTTP; Tue, 10 Oct 2006 12:27:12 -0700 (PDT) Date: Tue, 10 Oct 2006 15:27:12 -0400 From: "Jason Long" To: jlong@messiah.edu Subject: Test from gmail Sender: evil doer Message-ID: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_20675_4029655.1160508432731" ------=_Part_20675_4029655.1160508432731 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline This message sent from Gmail. ------=_Part_20675_4029655.1160508432731 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline This message sent from Gmail.
------=_Part_20675_4029655.1160508432731-- Mail-DKIM-1.20200907/t/corpus/good_ietf01_2.txt0000644000175000017500000000232713725344750017026 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 2E373ACA56 for ; Wed, 3 May 2006 15:06:33 -0400 (EDT) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006050319072018800spa0te>; Wed, 3 May 2006 19:07:20 +0000 DKIM-Signature: a=rsa-sha1; c=relaxed; d=vmt2.cis.att.net; t=1146680822; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=XsjhzIollWedOVMzExq3LQiemo8=; s=shan; b=dfA9w7PexfOn1CVB53OD5JHnEs5SA9CzqPKewF/P7RK+fm9xE5PxCoQ21RdxjVAjky6RssDnlxP/ UHDW78TkK5jxSYc93xFI0WoFyWkiVQ5cpi/rhwKy8kQRIdovh3HX Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: this is a test message minimum.domainkeys.sha1-relaxed Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060503190633.2E373ACA56@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/badkey_15.txt0000644000175000017500000000133213725344750016244 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=blackhole2.messiah.edu; h=from:to :subject:date; s=test3; bh=F84VyLrUbda4ryQ+R8 +e+8UgVxM=; b=g4rCx46HdrfJu2tIlNpNsBW5IDJZMbMOaxPYzZ3qOfxm7lw0VN nzjx3Or5SlaeKSlhGqQwDmCqHzZ9caarICdQ== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (dns failure) Date: Wed, 9 Apr 2008 09:11:00 -0500 Should cause a verification error, the DNS public key cannot be checked. This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/bad_dk_1.txt0000644000175000017500000000130413725344750016123 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=nofws; d=messiah.edu; h=from:to:subject: date:message-id; q=dns; s=test1; b=RKd+t+/rSjCZ6vuvpXaSK/kH6NtFd eyCfC0jXN2LigEU7RVb5iW33aW8UN6gEKmSAmfd4/8xIFVtOq+fAQg4gw== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: George To: Nobody Subject: domainkeys test (should fail since sender domain is wrong) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/ignore_6.txt0000644000175000017500000000131713725344750016213 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date:message-id; q=dns/special; s=test1; bh=d+8ftYRNRA3Rl7UsO0gP3zT0XE0=; b=C5L1RpN/Nwer3JHq6dcDIilbAfNMynbCdPyGi1fGSsIIuSzBM2mmR3E9p13XqPeoz4rkeOP9PrwUTn3lpdH2uw== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (ignore_6) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> Ignore this signature, it has an option other than txt for dns query. Mail-DKIM-1.20200907/t/corpus/mine_ietf01_2.txt0000644000175000017500000000142613725344750017025 0ustar marcmarcDKIM-Signature: a=rsa-sha1; c=relaxed; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; bh=N9OQp3Fydw5h5SJ1UDyZrgBPEDU=; b=1yiqw+Fz+aI1abGvAB6GR3UmMtgqiRRjWBk5CKXZKDHM4jTjMO0rY1dg9g+kFfbtotOEtgB0J3UtJzJyyLI1+LqeQsjTDEGprzXS21dqhkQnr/l/eZEP5/uqFm8YRrfarbWHkHj8oCsuE1/xi2rfCwyWkw1jO8N2/SzMkVQC/9M= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_dk_gmail.txt0000644000175000017500000000415713725344750017267 0ustar marcmarcReturn-Path: X-Original-To: dktest@mx2.messiah.edu Delivered-To: dktest@mx2.messiah.edu Received: from mx2.messiah.edu (localhost [127.0.0.1]) by mx2.messiah.edu (Postfix) with ESMTP id 05B98272FBA for ; Tue, 10 Oct 2006 15:27:15 -0400 (EDT) X-Spam-Checker-Version: SpamAssassin 3.1.5 (2006-08-29) on mymail1a.messiah.edu X-Spam-Level: * X-Spam-Status: No, score=1.6 required=5.0 tests=HTML_10_20,HTML_MESSAGE, HTML_SHORT_LENGTH autolearn=no version=3.1.5 Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.174]) by mx2.messiah.edu (Postfix) with ESMTP id 79F442ADB4D for ; Tue, 10 Oct 2006 15:27:14 -0400 (EDT) Received: by ug-out-1314.google.com with SMTP id 29so952130ugc for ; Tue, 10 Oct 2006 12:27:13 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=JOYJLw6miPAjUXx+gIQm3NsWuFInq05TuJppyoxqTopYPe3bSKzRBPLw5X+OMO36re/FDEfZnOjJ4cNYvVPuld6JEikNjk2RK98unQvcdkgBPZODuE7g/vXgLZo005nQkwvfd+4dbpHiINsOTT/0ASxQ+65OcgBu0CRR/DO7z/M= Received: by 10.66.240.12 with SMTP id n12mr8614290ugh; Tue, 10 Oct 2006 12:27:12 -0700 (PDT) Received: by 10.67.96.17 with HTTP; Tue, 10 Oct 2006 12:27:12 -0700 (PDT) Message-ID: Date: Tue, 10 Oct 2006 15:27:12 -0400 From: "Jason Long" To: jlong@messiah.edu Subject: Test from gmail MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_20675_4029655.1160508432731" ------=_Part_20675_4029655.1160508432731 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline This message sent from Gmail. ------=_Part_20675_4029655.1160508432731 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline This message sent from Gmail.
------=_Part_20675_4029655.1160508432731-- Mail-DKIM-1.20200907/t/corpus/good_dk_2.txt0000644000175000017500000000302313725344750016326 0ustar marcmarcDomainKey-Signature: c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=AEpft01eHCTIX08AdBaACL0/1Qs+/xDO8CuOJI+MJWJyJX4elu9ciIUDee6SrnF0+RmDAYDKKfU7ImKhLZMJ/iB+aYC4d2HMp0YOUQfHyPUIc5IyurGpp9Rz7AY+9X+kj2eC3w7NrzRldLmnbrWRy+/XOpjF550uq/nwbMhmxLU= ; Message-ID: <20061010193027.29989.qmail@web34101.mail.mud.yahoo.com> Received: from [153.42.34.240] by web34101.mail.mud.yahoo.com via HTTP; Tue, 10 Oct 2006 12:30:27 PDT Date: Tue, 10 Oct 2006 12:30:27 -0700 (PDT) From: Jason Long Subject: test from Yahoo To: test@dktest.jason.long.name MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-237517700-1160508627=:29354" Content-Transfer-Encoding: 8bit --0-237517700-1160508627=:29354 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit This is testing DomainKeys from Yahoo. --------------------------------- Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. --0-237517700-1160508627=:29354 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: 8bit This is testing DomainKeys from Yahoo.


Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. --0-237517700-1160508627=:29354-- Mail-DKIM-1.20200907/t/corpus/good_dk_4.txt0000644000175000017500000000136113725344750016333 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=nofws; d=messiah.edu; h=from:sender:to: subject:date:message-id; q=dns; s=test3; b=H1Q37m3r5/SkjZa3Mik97 kZ28YjnE3u0h/ANUr/WnVNqnCoGS1BtY6a2soWtgaiv8pj70HR1BWh0B1GBjTvS1 g== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: George Sender: Jason Long To: Nobody Subject: domainkeys test (key has g= requirement, should pass) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_dk_1.txt0000644000175000017500000000304613725344750016332 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=AEpft01eHCTIX08AdBaACL0/1Qs+/xDO8CuOJI+MJWJyJX4elu9ciIUDee6SrnF0+RmDAYDKKfU7ImKhLZMJ/iB+aYC4d2HMp0YOUQfHyPUIc5IyurGpp9Rz7AY+9X+kj2eC3w7NrzRldLmnbrWRy+/XOpjF550uq/nwbMhmxLU= ; Message-ID: <20061010193027.29989.qmail@web34101.mail.mud.yahoo.com> Received: from [153.42.34.240] by web34101.mail.mud.yahoo.com via HTTP; Tue, 10 Oct 2006 12:30:27 PDT Date: Tue, 10 Oct 2006 12:30:27 -0700 (PDT) From: Jason Long Subject: test from Yahoo To: test@dktest.jason.long.name MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0-237517700-1160508627=:29354" Content-Transfer-Encoding: 8bit --0-237517700-1160508627=:29354 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit This is testing DomainKeys from Yahoo. --------------------------------- Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. --0-237517700-1160508627=:29354 Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: 8bit This is testing DomainKeys from Yahoo.


Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business. --0-237517700-1160508627=:29354-- Mail-DKIM-1.20200907/t/corpus/badkey_13.txt0000644000175000017500000000126213725344750016244 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to :subject:date; s=test3; i=foo@messiah.edu; bh=F84VyLrUbda4ryQ+R8 +e+8UgVxM=; b=g4rCx46HdrfJu2tIlNpNsBW5IDJZMbMOaxPYzZ3qOfxm7lw0VN nzjx3Or5SlaeKSlhGqQwDmCqHzZ9caarICdQ== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (g= is compared to i= tag) Date: Wed, 9 Apr 2008 09:11:00 -0500 Should fail. This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/good_ietf00_1.txt0000644000175000017500000000253113725344750017021 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id AF5B673483 for ; Fri, 3 Mar 2006 10:39:09 -0500 (EST) Date: Fri, 3 Mar 2006 15:34:41 +0000 (GMT) X-Comment: Sending client does not conform to RFC822 minimum requirements X-Comment: Date has been added by Maillennium Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006030315344118800sp98oe>; Fri, 3 Mar 2006 15:34:41 +0000 DKIM-Signature: a=rsa-sha1; c=relaxed/simple; d=vmt2.cis.att.net; t=1141353705; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; s=foo; b=WECs6qf6NR7HdlerchZEyOXRiyvYZgeoZyIWvaL4A6wtz9R8xCVV9oKrjMO7/l9QYBju/UPlGiZK guscixD2rQvw+zGxkdsFsarocO+aSXLPU3O1HYLWRH98PPpr5LEP Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: prefixed blanks test message relaxed/simple Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060303153909.AF5B673483@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/mine_ietf01_1.txt0000644000175000017500000000142513725344750017023 0ustar marcmarcDKIM-Signature: a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; bh=N9OQp3Fydw5h5SJ1UDyZrgBPEDU=; b=oBuc3TDZNcm5z+Q64oXEz5jEpCaW60qJ8Nm3bN8sjOXdHSRF3RAQoZ9KgBMTJhrxfukvxoSmwn9l/LtgEfuSk0ozMfxdWvroEdVwANv3XeJK7q5ASSq5qtxhpEUMoArRqmos6lCzaCYpS+nWltNFDQN/rbAnjQNcjihikrkLRTI= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/ignore_3.txt0000644000175000017500000000143413725344750016210 0ustar marcmarcDKIM-Signature: v=0.5; a=dsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=NjJBlNqLnQcz8zwF899l4JHO0blD3rRSlR3mPiOLa137fG5RSKOHeYle0U5sBcRNwIUQub+kpXhi9snZqf0zbRfO+TBaZ8dfdVRzX0d4n0PoQCX453fAAnmZcsgD3jevR+R0J/oa1Ao1A0Oj5X7mwut35QcwjIi42bDIjsFP9xk= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> Ignore this signature; it has an unsupported key algorithm. Mail-DKIM-1.20200907/t/corpus/bad_dk_5.txt0000644000175000017500000000066013725344750016133 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=simple; d=messiah.edu; q=bogus; s=test1; b=DmkekrvBPH2D/VSZU9vSOk/xWrllr QUy9KbJf/0IiMiILDXUIdQsf0J3DgGu3I/mez54kh/1bUA9r7b0plE2CA== From: Jason Long To: Nobody Subject: domainkeys test - no h= tag Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/no_body_2.txt0000644000175000017500000000136113725344750016354 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=selector1; bh=uoq1oCgLlTqpdDX/iUbLy7J1Wic=; b=akH0wLCX2J61xzcSfd8vo9wH9BYTddfmyUQPxIwZTVLjCwCyUtE88owD4zKDa8RZ9lqbkpa0z+oRiTvTT/defySlWs9fT3HIcQ+GcrhV2DF7+4BY+VHf9Qk0ML4ajwq3s+r8zfM/+hv2D1K/BuNgf+AIKyC7axz0b4CsfdBSZI4= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test - empty body Date: Wed, 22 Feb 2007 09:11:00 -0500 Message-ID: <20070222091100@test.messiah.edu> Mail-DKIM-1.20200907/t/corpus/good_1878523.txt0000644000175000017500000000130213725344750016346 0ustar marcmarcReceived: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to: subject:date; q=dns/txt; s=test1; bh=NKeLfwHtKnDOE3FQbS1TqhxDYN0 =; b=VFNuRhCNOYPIMewC73aSqICVdmI8N3QgyDBYN0/suweIrjiGF+A6MWIF3Kc GKr3mcfDKsmNoTcaSCP47cB6wAA== To: Nobody Subject: dkim test (signature moved) Date: Wed, 7 Dec 2005 09:11:00 -0500 This tests whether issue #1878523 is fixed. This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/ignore_5.txt0000644000175000017500000000127013725344750016210 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date:message-id; q=http; s=test1; bh=gG+cRFxnpu7ApVgxzeYxYHywjBA=; b=SqBRGTdPJyZZUbgRrzZlOxXeHvFXmUvPTLyR7FqkFfezM7SH1YMoFqmL1a5Yteej8CzNBJifhmJ9a3SoyuLn8w== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (ignore_5) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> Ignore this signature, the query method is unsupported. Mail-DKIM-1.20200907/t/corpus/good_ietf00_4.txt0000644000175000017500000000226713725344750017032 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 581BB7323C for ; Wed, 1 Mar 2006 16:27:14 -0500 (EST) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006030121275918800sp93ne>; Wed, 1 Mar 2006 21:27:59 +0000 DKIM-Signature: a=rsa-sha1; c=simple/simple; d=vmt2.cis.att.net; t=1141248471; h=DaTe : FrOm : MiMe-vErSiOn : To : SuBjEcT : CoNtEnT-TyPe : CoNtEnT-TrAnSfEr-eNcOdInG; s=foo; b=lvE5sFj5AGe0A9f7px9ZrnTyLoxBdwzePVI8JXT4rlKg2KP1TuoNW/KNjoezhIcnLlchxw8Dp0w4 /0W1Mp/Z9N3spa7EYTAvfL4BxDOPhnT+q5aIfcAXSufReQijhI4M Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: test with mixed case h=hdr names simple/simple Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060301212714.581BB7323C@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. Mail-DKIM-1.20200907/t/corpus/good_dk_3.txt0000644000175000017500000000130213725344750016325 0ustar marcmarcDomainKey-Signature: a=rsa-sha1; c=nofws; d=messiah.edu; h=from:to:subject: date:message-id; q=dns; s=test3; b=Y/BiKnnQFSFJs46ZZw1Qh0hovxT/L +Db3izq4PAKhe3BjfhtxSNcqsnTj7QNjX/4duotVj5FWvKifkz3AVFP1A== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: domainkeys test (key has g= requirement, should pass) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_12.txt0000644000175000017500000000125413725344750016244 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to :subject:date; s=test3; i=JLONG@messiah.edu; bh=N9OQp3Fydw5h5SJ1 UDyZrgBPEDU=; b=NC/Z6Cxe5zrXRfaHn+GXPUZtJKq4NqkbJUKPyTd98gqgb3Np tlp94hM9wVIdBfIN1e5sgrAyixdRcWs5vRKKGA== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (g= is case-sensitive compare) Date: Wed, 7 Dec 2005 09:11:00 -0500 This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_14.txt0000644000175000017500000000133113725344750016242 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=blackhole.messiah.edu; h=from:to :subject:date; s=test3; bh=F84VyLrUbda4ryQ+R8 +e+8UgVxM=; b=g4rCx46HdrfJu2tIlNpNsBW5IDJZMbMOaxPYzZ3qOfxm7lw0VN nzjx3Or5SlaeKSlhGqQwDmCqHzZ9caarICdQ== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (dns failure) Date: Wed, 9 Apr 2008 09:11:00 -0500 Should cause a verification error, the DNS public key cannot be checked. This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_9.txt0000644000175000017500000000131413725344750016167 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date:message-id; q=dns/txt; s=test4; bh=a1tsxn+Nkk390KsMynntsb/bycM=; b=h2JxFpS6tGwIhc80mS5fuzRwlIr3jdycXDAuFtUOvH4AdbfWtoixEvLpHl8yhqlbXJJWmlyqJLmWkULjE3enOA== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (empty i= local part) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_5.txt0000644000175000017500000000145213725344750016166 0ustar marcmarcDKIM-Signature: v=0.5; a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns/txt; s=testbad3; bh=rYdLRBGGXK4PCDh+3AbwGuV2OEU=; b=fTmnR2WeabrW0qAlIDm25QOI8pEVfKayiu56bNQeIg7Qbcg7SEeq9Y71MU5WK11DWUwg2+nruwq+y22VQq/Wtw+014kTkfT073wMlTBjeZqNl63T+whlwgUAIjgR6XuR+BP6bc1/nRBbVB7Wjfctj5yNUgGCZqxVEh07wBtgFg0= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (badkey_5) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/badkey_10.txt0000644000175000017500000000136713725344750016247 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=from:to:subject:date:message-id; q=dns/txt; s=test5; i=jlong@subdomain.messiah.edu; bh=a1tsxn+Nkk390KsMynntsb/bycM=; b=OJLajmX/ndyDwjAAC6e1fElkVLoKBJivp5cFoOT2UrW2Pqs5zRZLjsE6+QkxcnBySL9g4l2/EYVMidhg1iXo9g== Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 From: Jason Long To: Nobody Subject: dkim test (i= using subdomain, should fail) Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test More lines here Blah blah blah Mail-DKIM-1.20200907/t/corpus/bad_ietf01_1.txt0000644000175000017500000000240513725344750016620 0ustar marcmarcReturn-Path: X-Original-To: test@dkimtest.jason.long.name Delivered-To: dkimtest@mx2.messiah.edu Received: from voicemail.cis.att.net (unknown [12.34.200.188]) by mx2.messiah.edu (Postfix) with ESMTP id 02F12E15D8 for ; Wed, 3 May 2006 15:06:32 -0400 (EDT) Received: from (localhost[127.0.0.1]) by voicemail.cis.att.net (vm2) with SMTP id <2006050319071918800spa0re>; Wed, 3 May 2006 19:07:19 +0000 DKIM-Signature: a=rsa-sha256; c=relaxed; d=vmt2.cis.att.net; t=1146680862; h=Date : From : MIME-Version : To : Subject : Content-Type : Content-Transfer-Encoding; bh=HryPFX2R6r7JPsX1Z7+yReZddQR2PjvCvdXgaxW5QYU=; s=shan; b=QXd8h2UbBO7fIPz/Iy3wNwbVU6dih6ozokPXqAvI6p9iG5SqFahyTXwqZeltC4az3Sjay7Vx+b5e 1s2rQuhT4SKD47gJYs4kw0JgV2WLanF3oR1hWD0tL0vuDeUgH6kr Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Tony Hansen MIME-Version: 1.0 To: dkim-test@altn.org, sa-test@sendmail.net, autorespond+dkim@dk.elandsys.com Subject: this is a test message minimum.ietf-01.sha256-relaxed Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060503190632.02F12E15D8@mx2.messiah.edu> The quick brown fox jumped over the lazy dog. This body has been altered. Mail-DKIM-1.20200907/t/corpus/bad_1878954.txt0000644000175000017500000000101113725344750016151 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=relaxed/simple; d=ijs.si; h=from: message-id:date; q=dns/txt; s=jakla2; bh=/edzoYuyn17WXm8KeqcX/R+ khdQ=; b=S7zv7fa8ju7VDq20iD+0OcAE/7k3P1LvYKyIOJxeaEbXh8C06q1+Q4l KUASCgesOs2M/3E7lkJdmRQvnYdX41BxkoCrI31suRpLyykIQYjM/pUoKHruEZaQ 3K5Ud6SVKaI2abyzNFT5Yn3QdjdKAQMfMEFC/MAfdooQml/X6SIo= this message certainly doesn't verify, since I modified it, but in certain versions of Mail::DKIM (e.g. 0.30.1), it crashes with this error: "Can't use an undefined value as an ARRAY reference" Mail-DKIM-1.20200907/t/corpus/multiple_2.txt0000644000175000017500000000242513725344750016560 0ustar marcmarcDKIM-Signature: v=1; a=rsa-sha1; c=foobar; d=messiah.edu; h=date:from:subject; q=dns/txt; s=selector1; bh=q6DWKdHUzNbVPt6YBbD1KOai/b8=; b=keocS8z7y+utmOuSEa9Q3jpty3bD7ggJgVzh1As9IxLe1xdsLg6tsTgbSntF1Eo2OBwR3EEb1IfTnJ6YvranPVoau5xVF5ydSBjk65HDK/vl1jNrNR4JSkyxxsSFF1npfPZTA9pCEMskdU7mUPqHzC/AxOtm/npzviD83+VUPfA= DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=date:from:subject; q=dns/txt; s=selector1; bh=q6DWKdHUzNbVPt6YBbD1KOai/b8=; b=keocS8z7y+utmOuSEa9Q3jpty3bD7ggJgVzh1As9IxLe1xdsLg6tsTgbSntF1Eo2OBwR3EEb1IfTnJ6YvranPVoau5xVF5ydSBjk65HDK/vl1jNrNR4JSkyxxsSFF1npfPZTA9pCEMskdU7mUPqHzC/AxOtm/npzviD83+VUPfA= DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=messiah.edu; h=date:from:subject; q=dns/txt; s=selector1; bh=q6DWKdHUzNbVPt6YBbD1KOai/b8=; b=shouldfailutmOuSEa9Q3jpty3bD7ggJgVzh1As9IxLe1xdsLg6tsTgbSntF1Eo2OBwR3EEb1IfTnJ6YvranPVoau5xVF5ydSBjk65HDK/vl1jNrNR4JSkyxxsSFF1npfPZTA9pCEMskdU7mUPqHzC/AxOtm/npzviD83+VUPfA= DKIM-Signature: synerr Date: Wed, 15 Feb 2006 17:32:54 -0500 From: Jason Long Subject: dkim test (multiple_2) The quick brown fox jumped over the lazy dog. The first signature should be invalid (i.e. bad canonicalization) The second signature should pass The third signature should fail The fourth signature is unparseable. Mail-DKIM-1.20200907/t/adsp.t0000755000175000017500000000205013725344750013541 0ustar marcmarc#!/usr/bin/perl -I../blib/lib use strict; use warnings; use Test::More tests => 6; use Mail::DKIM::Verifier; use Mail::DKIM::AuthorDomainPolicy; my $message = <<'END'; From: Jason Long Sender: George Subject: test message This message has no signature. END $message =~ s/\n/\015\012/gs; my $dkim = Mail::DKIM::Verifier->new(); $dkim->PRINT($message); $dkim->CLOSE; ok( $dkim, "created verifier" ); my $policy; $policy = Mail::DKIM::AuthorDomainPolicy->new(); ok( $policy, "new() works" ); $policy = Mail::DKIM::AuthorDomainPolicy->parse( String => "dkim=all", Domain => "fake.authmilter.org", ); ok( $policy, "parse() works" ); my $result; $result = $policy->apply($dkim); print "# $result\n"; ok( $result eq "neutral", "got expected result" ); $policy = Mail::DKIM::AuthorDomainPolicy->parse( String => "dkim=discardable", Domain => "fake.authmilter.org", ); ok( $policy, "parse() works" ); $result = $policy->apply($dkim); print "# $result\n"; ok( $result eq "reject", "got expected result" ); Mail-DKIM-1.20200907/t/policy.t0000755000175000017500000001103513725344750014114 0ustar marcmarc#!/usr/bin/perl -I../blib/lib use strict; use warnings; use Test::RequiresInternet; use Test::More tests => 19; use Mail::DKIM::DkPolicy; use Mail::DKIM::DkimPolicy; use Mail::DKIM::AuthorDomainPolicy; use Net::DNS::Resolver; my $Resolver = Net::DNS::Resolver->new( nameservers => [ '1.1.1.1', '8.8.8.8' ], ); Mail::DKIM::DNS::resolver( $Resolver ); my $policy; $policy = Mail::DKIM::DkPolicy->new(); ok( $policy, "new() works" ); $policy = Mail::DKIM::DkPolicy->parse( String => "o=~; t=y" ); ok( $policy, "parse() works" ); $policy = Mail::DKIM::DkPolicy->fetch( Protocol => "dns", Domain => "policy.test.authmilter.org" ); ok( $policy, "fetch() works (requires DNS)" ); ok( !$policy->is_implied_default_policy, "not the default policy" ); $policy = Mail::DKIM::DkPolicy->parse( String => "" ); ok( $policy, "parse() works (no tags)" ); ok( !defined( $policy->note ), "note tag has default value" ); $policy->note("hi there"); ok( $policy->note eq "hi there", "note tag has been changed" ); ok( $policy->policy eq "~", "policy tag has default value" ); $policy->policy("-"); ok( $policy->policy eq "-", "policy tag has been changed" ); ok( !$policy->testing, "testing flag has default value" ); #$policy->testing(1); #ok($policy->testing, "testing flag has been changed"); ok( $policy->as_string, "as_string() method is implemented" ); SKIP: { skip "these tests depend on local resolver behaviour and may fail unnecessarily", 5 unless ( $ENV{DNS_TESTS_NXDOMAIN} ); # Tests dependent on local DNS behaviour $policy = Mail::DKIM::DkPolicy->fetch( Protocol => "dns", Sender => 'alfred@doesnotexist.test.authmilter.org.invalid', ); ok( $policy, "fetch() returns policy for nonexistent domain" ); ok( $policy->is_implied_default_policy, "yep, it's the default policy" ); $policy = Mail::DKIM::AuthorDomainPolicy->fetch( Protocol => "dns", Domain => "nonexistent-subdomain.test.authmilter.org.invalid", ); ok( $policy, "fetch() returns policy for nonexistent domain" ); ok( !$policy->is_implied_default_policy, "shouldn't be the default policy" ); ok( $policy->policy eq "NXDOMAIN", "got policy of NXDOMAIN" ); } SKIP: { skip "test depends on specific DNS setup at test site", 1 unless ( $ENV{DNS_TESTS_BLACKHOLE_TIMEOUT} ); # Tests dependent on local DNS behaviour $policy = eval { Mail::DKIM::AuthorDomainPolicy->fetch( Protocol => "dns", Domain => "blackhole.authmilter.org", ); }; my $E = $@; print "# got error: $E" if $E; ok( !$policy && $E && $E =~ /(timeout|timed? out)/, "timeout error fetching policy" ); } SKIP: { skip "test depends on specific DNS setup at test site", 1 unless ( $ENV{DNS_TESTS_BLACKHOLE_SERVFAIL} ); $policy = eval { Mail::DKIM::AuthorDomainPolicy->fetch( Protocol => "dns", Domain => "blackhole.authmilter.org", ); }; my $E = $@; print "# got error: $E" if $E; ok( !$policy && $E && $E =~ /SERVFAIL/, "SERVFAIL dns error fetching policy" ); } # test a policy record where _domainkey.DOMAIN gives a # DNS error, but DOMAIN itself is valid SKIP: { skip "this test is currently failing", 1; $policy = eval { Mail::DKIM::AuthorDomainPolicy->fetch( Protocol => "dns", Domain => "blackhole2.authmilter.org", ); }; my $E = $@; print "# got error: $E" if $E; ok( !$policy && $E && $E =~ /SERVFAIL/, "SERVFAIL dns error fetching policy" ); } #debug_policies(qw(yahoo.com hotmail.com gmail.com)); #debug_policies(qw(paypal.com ebay.com)); #debug_policies(qw(cisco.com sendmail.com)); sub debug_policies { foreach my $domain (@_) { print "# $domain:\n"; print "# DomainKeys: "; my $policy = Mail::DKIM::DkPolicy->fetch( Protocol => "dns", Domain => $domain ); if ( $policy->is_implied_default_policy ) { print "no policy\n"; } else { print $policy->policy . " ("; print $policy->as_string . ")\n"; } print "# DKIM: "; $policy = Mail::DKIM::DkimPolicy->fetch( Protocol => "dns", Domain => $domain ); if ( $policy->is_implied_default_policy ) { print "no policy\n"; } else { print $policy->policy . " ("; print $policy->as_string . ")\n"; } } } Mail-DKIM-1.20200907/t/signer_policy.t0000755000175000017500000001136313725344750015467 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::Simple tests => 24; use Mail::DKIM::Signer; my $keyfile = -f "t/test.key" ? "t/test.key" : "test.key"; my $policy; my $dkim; # test specification of a policy "class" $policy = "MySignerPolicy"; $dkim = sign_sample_using_args( Policy => $policy, KeyFile => $keyfile ); ok( $dkim, "processed message" ); my $signature = $dkim->signature; ok( $signature, "signature() works" ); print "# signature=" . $signature->as_string . "\n"; ok( $signature->as_string =~ /d=different-domain/, "got expected domain in signature" ); ok( $signature->as_string =~ /c=relaxed/, "got expected canonicalization method in signature" ); ok( $signature->as_string =~ /a=rsa-sha256/, "got expected algorithm in signature" ); # try using a policy "object" $policy = bless {}, "MySignerPolicy"; $dkim = sign_sample_using_args( Policy => $policy, KeyFile => $keyfile ); ok( $dkim, "processed message" ); $signature = $dkim->signature; ok( $signature, "signature() works" ); print "# signature=" . $signature->as_string . "\n"; ok( $signature->as_string =~ /d=different-domain/, "got expected domain in signature" ); # now a policy as an anonymous subroutine $policy = sub { my $signer = shift; $signer->domain("different-domain.example"); $signer->method("relaxed"); $signer->algorithm("rsa-sha256"); $signer->selector("beta"); $signer->key_file($keyfile); return 1; }; $dkim = sign_sample_using_args( Policy => $policy ); ok( $dkim, "processed message" ); $signature = $dkim->signature; ok( $signature, "got signature" ); # this policy should not produce any signature $policy = sub { my $signer = shift; return 0; }; $dkim = sign_sample_using_args( Policy => $policy, KeyFile => $keyfile ); ok( $dkim, "processed message" ); $signature = $dkim->signature; ok( !$signature, "no signature" ); # this policy should produce a DomainKeys signature use Mail::DKIM::DkSignature; $policy = sub { my $signer = shift; $signer->add_signature( new Mail::DKIM::DkSignature( Algorithm => "rsa-sha1", Method => "nofws", Headers => $dkim->headers, Domain => "different-domain.example", Selector => "beta", ) ); return; }; $dkim = sign_sample_using_args( Policy => $policy, KeyFile => $keyfile ); ok( $dkim, "processed message" ); $signature = $dkim->signature; ok( $signature, "got signature" ); print "# signature=" . $signature->as_string . "\n"; ok( $signature->as_string =~ /DomainKey-Signature/, "got DomainKeys signature" ); ok( $signature->as_string =~ /d=different-domain/, "got expected domain in signature" ); ok( $signature->as_string =~ /c=nofws/, "got expected canonicalization method in signature" ); ok( $signature->as_string !~ /bh=/, "no bh= tag in signature" ); # this policy should produce two signature (one DKIM and one DomainKeys) $policy = sub { my $signer = shift; $signer->add_signature( new Mail::DKIM::DkSignature( Algorithm => "rsa-sha1", Method => "nofws", Headers => $dkim->headers, Domain => "different-domain.example", Selector => "beta", ) ); $signer->add_signature( new Mail::DKIM::Signature( Algorithm => "rsa-sha256", Method => "relaxed", Headers => $dkim->headers, Domain => "different-domain.example", Selector => "beta", ) ); }; $dkim = sign_sample_using_args( Policy => $policy, KeyFile => $keyfile ); ok( $dkim, "processed message" ); $signature = $dkim->signature; ok( $signature, "got signature" ); print "# signature=" . $signature->as_string . "\n"; ok( $signature->as_string =~ /^DKIM-Signature/, "got DKIM signature" ); my @multiple = $dkim->signatures; ok( @multiple == 2, "got 2 signatures" ); ok( $multiple[0]->as_string =~ /^DomainKey-Signature/, "first is DomainKeys signature" ); ok( $multiple[1]->as_string =~ /^DKIM-Signature/, "second is DKIM signature" ); sub sign_sample_using_args { my %args = @_; my $dkim = Mail::DKIM::Signer->new(%args) or die "couldn't create signer object"; my $sample_email = < Subject: hi there this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $dkim->PRINT($sample_email); $dkim->CLOSE; return $dkim; } package MySignerPolicy; use Mail::DKIM::SignerPolicy; use base "Mail::DKIM::SignerPolicy"; sub apply { my ( $self, $signer ) = @_; $signer->domain("different-domain.example"); $signer->method("relaxed"); $signer->algorithm("rsa-sha256"); $signer->selector("beta"); return 1; } Mail-DKIM-1.20200907/t/textwrap.t0000755000175000017500000000655613725344750014507 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::Simple tests => 16; use Mail::DKIM::TextWrap; my $tw; $tw = Mail::DKIM::TextWrap->new; ok( $tw, "new() works" ); my $output = ""; my @lines; $tw = Mail::DKIM::TextWrap->new( Margin => 10, Output => \$output, ); $tw->add("Mary had a little lamb, whose fleece was white as snow.\n"); $tw->finish; my $saved1 = $output; check_output("basic wrapping"); ok( @lines == 7, "basic wrapping got expected number of lines" ); foreach ( "Mary ", "had ", "a ", "little ", "lamb, ", "whose ", "fleece ", "was ", "white ", "as ", "snow.\n" ) { $tw->add($_); } $tw->finish; my $saved2 = $output; check_output("basic wrapping- words added separately, space following each"); ok( $saved1 eq $saved2, "same result when words added separately, space following each" ); foreach ( "Mary", " had", " a", " little", " lamb,", " whose", " fleece", " was", " white", " as", " snow.\n" ) { $tw->add($_); } $tw->finish; my $saved3 = $output; check_output("basic wrapping- words added separately, space preceding each"); ok( $saved1 eq $saved3, "same result when words added separately, space preceding each" ); $tw->{Separator} = "\n "; $tw->add("Mary had a little lamb, whose fleece was white as snow.\n"); $tw->finish; check_output("with second-line indent"); ok( $lines[0] =~ /^Mary had a/, "first line looks ok" ); $tw = Mail::DKIM::TextWrap->new( Margin => 10, Output => \$output, Break => qr/[\s:]/, ); $tw->add("apple:orange:banana:apricot:blueberry:strawberry-kiwi\n"); $tw->finish; check_output("colon-separated list"); ok( $lines[0] eq "apple:", "first line looks ok" ); ok( $lines[1] eq "orange:", "second line looks ok" ); ok( $lines[$#lines] =~ "strawberry-kiwi", "over-long word did not get split" ); $tw->add(" apple : orange : apricot : kiwi \n"); $tw->finish; check_output("colon-separated list with spaces"); ok( $lines[0] =~ /^\s/, "first line begins with space" ); ok( $lines[$#lines] =~ /\s$/, "last line ends with space" ); ok( grep( !/(^\s|\s$)/, @lines[ 1 .. ( $#lines - 1 ) ] ), "middle lines neither begin nor end with space" ); $tw = Mail::DKIM::TextWrap->new( Margin => 10, Output => \$output, Break => qr/[\s:]/, BreakBefore => qr/[:]/, ); $tw->add("apple:orange:banana:apricot:lime:kiwi\n"); $tw->finish; check_output("colon-separated list, split before colons"); ok( $lines[0] eq "apple", "first line looks ok" ); ok( $lines[1] eq ":orange", "second line looks ok" ); ok( $lines[$#lines] =~ /:kiwi$/, "last line looks ok" ); $tw = Mail::DKIM::TextWrap->new( Margin => 10, Output => \$output, ); $tw->add("apple"); $tw->add("orange"); $tw->add("banana"); $tw->add("apricot"); $tw->finish; check_output(""); ok( @lines == 1, "no wrapping took place" ); $tw = Mail::DKIM::TextWrap->new( Margin => 10, Output => \$output, ); foreach (qw(apple orange banana apricot)) { $tw->add($_); $tw->flush; } $tw->finish; check_output(""); ok( !( grep { length($_) > 10 } @lines ), "no long lines" ); sub check_output { my ($test_name) = @_; @lines = split /\n/, $output; $output = ""; print "# $test_name\n"; print "# " . ( '-' x $tw->{Margin} ) . "\n"; foreach my $l (@lines) { print "# $l\n"; } print "# " . ( '-' x $tw->{Margin} ) . "\n"; } Mail-DKIM-1.20200907/t/signer.t0000755000175000017500000001440113725344750014104 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::Simple tests => 31; use Mail::DKIM::Signer; my $EXPECTED_RE = qr/CIDMVc94VWhLZ4Ktq2Q05011qBXSO/; my $tdir = -f "t/test.key" ? "t" : "."; my $keyfile = "$tdir/test.key"; my $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", KeyFile => $keyfile ); ok( $dkim, "new() works" ); my $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $dkim->PRINT($sample_email); $dkim->CLOSE; my $signature = $dkim->signature; ok( $signature, "signature() works" ); print "# signature=" . $signature->as_string . "\n"; ok( $signature->as_string =~ /$EXPECTED_RE/, "got expected signature value" ); # now try a SHA256 signature $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha256", Method => "relaxed", Domain => "example.org", Selector => "test", KeyFile => $keyfile ); ok( $dkim, "new() works" ); $dkim->PRINT($sample_email); $dkim->CLOSE; ok( $dkim->signature, "signature() works" ); # add some headers to the first email $sample_email = "Received: from x\015\012" . "Received: from y\015\012" . $sample_email; $sample_email =~ s/^Comments:.*?$/comments: this can be changed/m; $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", Identity => "bob\@example.org", Timestamp => time(), KeyFile => $keyfile ); ok( $dkim, "new() works" ); $dkim->PRINT($sample_email); $dkim->CLOSE; ok( $dkim->signature, "signature() works" ); print "# signature=" . $dkim->signature->as_string . "\n"; # check whether the signature includes/excludes certain header fields my $sigstr = $dkim->signature->as_string; ok( $sigstr =~ /subject/i, "subject was signed" ); ok( $sigstr =~ /from/i, "from was signed" ); ok( $sigstr !~ /received/i, "received was excluded" ); ok( $sigstr !~ /comments/i, "comments was excluded" ); # check if the identity got included ok( $sigstr =~ /i=bob\@/, "got expected identity value" ); # check if timestamp got included ok( $sigstr =~ /t=\d+/, "found timestamp value" ); # add some headers to the previous email for extended tests $sample_email = "X-Test: 2\015\012" . "X-Tests: 2\015\012" . "Date: blah\015\012" . "X-Test: 1\015\012" . "X-Tests: 1\015\012" . $sample_email; $sample_email =~ s/^Comments:.*?$/comments: this can be changed/m; $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", Identity => "bob\@example.org", Timestamp => time(), KeyFile => $keyfile ); ok( $dkim, "new() works" ); $dkim->extended_headers( { 'Subject' => '+', 'Date' => '0', 'X-Test' => '*', 'X-Tests' => 1, } ); $dkim->PRINT($sample_email); $dkim->CLOSE; ok( $dkim->signature, "signature() works" ); print "# signature=" . $dkim->signature->as_string . "\n"; # check whether the signature includes/excludes certain header fields $sigstr = $dkim->signature->as_string; ok( $sigstr =~ /subject:subject/i, "subject was over signed" ); ok( $sigstr =~ /x-test:x-test/i, "x-test was all signed" ); ok( $sigstr =~ /x-tests/i, "x-tests was signed" ); ok( $sigstr !~ /x-tests:x-tests/i, "x-tests was signed only once" ); ok( $sigstr =~ /from/i, "from was signed" ); ok( $sigstr !~ /date/i, "date was excluded" ); ok( $sigstr !~ /comments/i, "comments was excluded" ); # check if the identity got included ok( $sigstr =~ /i=bob\@/, "got expected identity value" ); # check if timestamp got included ok( $sigstr =~ /t=\d+/, "found timestamp value" ); eval { $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", KeyFile => "$tdir/non_existent_file_!!" ); }; { my $E = $@; print "# $E" if $E; ok( $E, "new() with bogus key file dies as expected" ); } eval { $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", KeyFile => "$tdir/unreadable_file" ); }; { my $E = $@; print "# $E" if $E; ok( $E, "new() with bogus key file dies as expected" ); } { # TEST signing a message with no header my $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", KeyFile => $keyfile ); my $sample_email = <PRINT($sample_email); $dkim->CLOSE; ok( $dkim->signature, "signature() works" ); } { # TEST signing a message with LOTS OF blank lines my $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", KeyFile => $keyfile ); my $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email .= ( "\n" x 50000 ); $sample_email =~ s/\n/\015\012/gs; # older, broken, versions of Mail::DKIM will hang here $dkim->PRINT($sample_email); $dkim->CLOSE; ok( $dkim->signature, "signature() works" ); } { # TEST signing a message with obsolete header syntax my $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", KeyFile => $keyfile ); my $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $dkim->PRINT($sample_email); $dkim->CLOSE; ok( $dkim->signature, "signature() works" ); my $sigstr = $dkim->signature->as_string; ok( $sigstr =~ /subject/i, "subject was signed" ); ok( $sigstr =~ /from/i, "from was signed" ); } Mail-DKIM-1.20200907/t/external_signer.t0000755000175000017500000000242113725344750016005 0ustar marcmarc#!/usr/bin/perl -I../lib use strict; use warnings; use Test::Simple tests => 3; use Mail::DKIM::Signer; # in this test, instead of specifying a private key file, # or a Mail::DKIM::PrivateKey object, we specify a custom class # instead, one which performs the RSA-sign operation itself. # In our case, we simply return a dummy value, so this test # is to ensure that Mail::DKIM itself does not care about the # format that is returned. package MyCustomSigner; sub sign_digest { my $self = shift; my ( $digest_type, $digest_binary ) = @_; return "\0\0\0\0\0\0"; } package main; my $custom_signer = bless {}, "MyCustomSigner"; my $dkim = Mail::DKIM::Signer->new( Algorithm => "rsa-sha1", Method => "relaxed", Domain => "example.org", Selector => "test", Key => $custom_signer, ); ok( $dkim, "new() works" ); my $sample_email = < Subject: hi there Comment: what is a comment this is a sample message END_OF_SAMPLE $sample_email =~ s/\n/\015\012/gs; $dkim->PRINT($sample_email); $dkim->CLOSE; my $signature = $dkim->signature; ok( $signature, "signature() works" ); print "# signature=" . $signature->as_string . "\n"; ok( $signature->as_string =~ /b=AAAAAAAA/, "got expected signature value" ); Mail-DKIM-1.20200907/t/test5.txt0000644000175000017500000000132713725344750014235 0ustar marcmarcDKIM-Signature: a=rsa-sha1; c=simple; d=messiah.edu; h=received:received:from:to:subject:date:message-id; q=dns; s=selector1; b=zOgUMbToWrXAfWb1U0Ybe9SvD18ydan8niTN4r9YMuKnxzzRCg+uhqBYLp2NXZaLuajYfaBCgDTiJ5rCY3nqmxAqyNnvWnMBehuM05/oLvwkXFiZfYl5JgYY0ZyuBc0lhj1XaELAfHt3LAgCT/xAZyWiVWpfMUrE5cZTrVT7zUs= Received: from x.y.test by example.net via TCP with ESMTP id ABC12345 for ; 21 Nov 1997 10:05:43 -0600 Received: from machine.example by x.y.test; 21 Nov 1997 10:01:22 -0600 Invalid header From: Jason Long To: Nobody Subject: dkim test Date: Wed, 7 Dec 2005 09:11:00 -0500 Message-ID: <20051207091100@test.messiah.edu> This is a test Mail-DKIM-1.20200907/dist.ini0000644000175000017500000000152713725344750013633 0ustar marcmarcname = Mail-DKIM author = Marc Bradshaw license = Perl_5 copyright_holder = Marc Bradshaw copyright_year = 2020 [AutoVersion] format = 1.{{ cldr('yyyyMMdd') }} [OurPkgVersion] [NextRelease] format = %-9v %{yyyy-MM-dd VVVV}d [AutoPrereqs] [PodWeaver] ;[%PodWeaver] Contributors.contributors[0] = John Levine ;[PodCoverageTests] [PodSyntaxTests] ;[ReadmeAnyFromPod] ;type=text ;filename=README ;location=build [@Git] [Git::Contributors] [Git::GatherDir] [@Filter] -bundle = @Basic -remove = GatherDir [MetaJSON] [MetaResources] bugtracker.web = https://github.com/fastmail/mail-dkim/issues repository.url = git://github.com/fastmail/mail-dkim.git repository.web = https://github.com/fastmail/mail-dkim/ repository.type = git ;[Test::Perl::Critic] ;critic_config = t/perlcriticrc Mail-DKIM-1.20200907/META.json0000644000175000017500000000506113725344750013605 0ustar marcmarc{ "abstract" : "Signs/verifies Internet mail with DKIM/DomainKey signatures", "author" : [ "Marc Bradshaw " ], "dynamic_config" : 0, "generated_by" : "Dist::Zilla version 6.014, CPAN::Meta::Converter version 2.150010", "license" : [ "perl_5" ], "meta-spec" : { "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec", "version" : 2 }, "name" : "Mail-DKIM", "prereqs" : { "configure" : { "requires" : { "ExtUtils::MakeMaker" : "0" }, "suggests" : { "JSON::PP" : "2.27300" } }, "develop" : { "requires" : { "Test::Pod" : "1.41" } }, "runtime" : { "requires" : { "Carp" : "0", "Crypt::OpenSSL::RSA" : "0", "Digest::SHA" : "0", "MIME::Base64" : "0", "Mail::Address" : "0", "Mail::AuthenticationResults::Header::AuthServID" : "0", "Mail::AuthenticationResults::Parser" : "0", "Net::DNS" : "0", "base" : "0", "strict" : "0", "warnings" : "0" } }, "test" : { "requires" : { "Data::Dumper" : "0", "Net::DNS::Resolver" : "0", "Net::DNS::Resolver::Mock" : "0", "Test::More" : "0", "Test::RequiresInternet" : "0", "Test::Simple" : "0", "YAML::XS" : "0", "lib" : "0", "perl" : "5.006" } } }, "release_status" : "stable", "resources" : { "bugtracker" : { "web" : "https://github.com/fastmail/mail-dkim/issues" }, "repository" : { "type" : "git", "url" : "git://github.com/fastmail/mail-dkim.git", "web" : "https://github.com/fastmail/mail-dkim/" } }, "version" : "1.20200907", "x_contributors" : [ "Aaron Thompson ", "Bron Gondwana ", "Christian Jaeger ", "Damien MASCR\u00c9 ", "jasonlong ", "Jose\u0301 Borges Ferreira ", "Martijn van de Streek ", "Martin H. Sluka ", "Mohammad S Anwar " ], "x_generated_by_perl" : "v5.30.1", "x_serialization_backend" : "Cpanel::JSON::XS version 4.19", "x_spdx_expression" : "Artistic-1.0-Perl OR GPL-1.0-or-later" } Mail-DKIM-1.20200907/Makefile.PL0000644000175000017500000000370113725344750014135 0ustar marcmarc# This file was automatically generated by Dist::Zilla::Plugin::MakeMaker v6.014. use strict; use warnings; use 5.006; use ExtUtils::MakeMaker; my %WriteMakefileArgs = ( "ABSTRACT" => "Signs/verifies Internet mail with DKIM/DomainKey signatures", "AUTHOR" => "Marc Bradshaw ", "CONFIGURE_REQUIRES" => { "ExtUtils::MakeMaker" => 0 }, "DISTNAME" => "Mail-DKIM", "LICENSE" => "perl", "MIN_PERL_VERSION" => "5.006", "NAME" => "Mail::DKIM", "PREREQ_PM" => { "Carp" => 0, "Crypt::OpenSSL::RSA" => 0, "Digest::SHA" => 0, "MIME::Base64" => 0, "Mail::Address" => 0, "Mail::AuthenticationResults::Header::AuthServID" => 0, "Mail::AuthenticationResults::Parser" => 0, "Net::DNS" => 0, "base" => 0, "strict" => 0, "warnings" => 0 }, "TEST_REQUIRES" => { "Data::Dumper" => 0, "Net::DNS::Resolver" => 0, "Net::DNS::Resolver::Mock" => 0, "Test::More" => 0, "Test::RequiresInternet" => 0, "Test::Simple" => 0, "YAML::XS" => 0, "lib" => 0 }, "VERSION" => "1.20200907", "test" => { "TESTS" => "t/*.t" } ); my %FallbackPrereqs = ( "Carp" => 0, "Crypt::OpenSSL::RSA" => 0, "Data::Dumper" => 0, "Digest::SHA" => 0, "MIME::Base64" => 0, "Mail::Address" => 0, "Mail::AuthenticationResults::Header::AuthServID" => 0, "Mail::AuthenticationResults::Parser" => 0, "Net::DNS" => 0, "Net::DNS::Resolver" => 0, "Net::DNS::Resolver::Mock" => 0, "Test::More" => 0, "Test::RequiresInternet" => 0, "Test::Simple" => 0, "YAML::XS" => 0, "base" => 0, "lib" => 0, "strict" => 0, "warnings" => 0 ); unless ( eval { ExtUtils::MakeMaker->VERSION(6.63_03) } ) { delete $WriteMakefileArgs{TEST_REQUIRES}; delete $WriteMakefileArgs{BUILD_REQUIRES}; $WriteMakefileArgs{PREREQ_PM} = \%FallbackPrereqs; } delete $WriteMakefileArgs{CONFIGURE_REQUIRES} unless eval { ExtUtils::MakeMaker->VERSION(6.52) }; WriteMakefile(%WriteMakefileArgs);