Alt-N DKIM Open Source Project
Copyright 2008 Alt-N Technologies, Ltd.

This code incorporates intellectual property owned by Yahoo! and licensed 
pursuant to the Yahoo! DomainKeys Patent License Agreement.

By making, using, selling, offering for sale, importing, and/or sublicensing 
Implementations as permitted, you agree to the terms and conditions of the 
Yahoo! DomainKeys Patent License Agreement or other agreement contained herein.

* Sun Apr 23 2023 17:02:10 +0000 Manvendra Bhangui <libdkim@indimail.org> 1.7-1.1%{?dist}
Release 1.7-1.1 Start 01/02/2023 End 09/01/2024
======= Release Highlights ================================================
- ability to alter Hash Method after DKIMSignInit
- ability to add headers for exclusion from DKIM signing
- New option -X for excluding headers from signing
- New header EXCLUDE_DKIMSIGN or excluding headers from signing
- Exclude Arc-Authentication-Results from signing by default
===========================================================================
- 01/02/2023
01. new function DKIMSignReplaceHash to alter current Hash method
- 04/02/2023
02. dkim.cpp: Generate dkim-signature for each -s option passed on command
    line
03. dkimverify.cpp: return actual signature error in ProcessHeaders instead of
    "no valid sigs"
- 11/02/2023
04. dkim.cpp: added dkim_error_str function to return DKIM error
05. dkim.h: added DKIM_EVP_SIGN_FAILURE, DKIM_EVP_DIGEST_FAILURE
    definitions for EVP signing and digest failures
06. dkimsign.cpp: check for EVP sign and digest failures
07. dkimsign.cpp: fixed a= tag to "ed25519-sha256"
08. dkimverify.cpp: fixed verification of ed25519 signature without ASN.1
    structure
- 12/02/2023
09. dkimverify.cpp: fixed multi-signature verfication (rsa+ed25519)
- 19/02/2023
10. dkim.cpp: fixed usage strings
- 18/03/2023
11. dkimverify.cpp: Fixed SIGSEGV with missing k= tag in DKIM txt record
- 28/03/2023
12. dkimverify.cpp: use error routine only for EVP functions failure
- 06/04/2023
13. dkimsign.cpp: fixed compiler warning of use of uninitialized variable
- 23/04/2023 - indimail-mta-3.0.3
- 08/09/2023 - indimail-mta-3.0.4
- 20/09/2023
14. use Replaces, Conflicts in spec,control
- 17/10/2023 - indimail-mta-3.0.5
- 14/11/2023
15. dkim.cpp: Added -X option to have colon seperated list of headers to be
    excluded from DKIM signing.
16. dkim.cpp: Added env variable EXCLUDE_DKIMSIGN to exclude headers from
    DKIM signing
17. dkim.cpp, dkimsigin.cpp: Exclude Arc-Authentication-Results from DKIM
    signing
- 01/01/2024 - indimail-mta-3.0.6
- 06/01/2024
18. dkim.h: Added error code DKIM_BAD_IDENTITY for invalid identity domain
19. dkimverify.cpp, dkim.cpp: use new error code DKIM_BAD_IDENTITY for
    invalid identity domain (i= tag)
20. dkimsign.cpp: Use strrchr instead of strchr for extracting domain
- 09/01/2024
21. dkim.h: re-arranged DKIM error codes.
- 03/02/2024 - indimail-mta-3.0.7
- 09/05/2024
22. fix discarded-qualifier compiler warnings
- 06/08/2024 - indimail-mta-3.0.8
- 08/02/2025
23. dkim.cpp, dkimsign.cpp, dkimverify.cpp, dkim.h: make DKIM-Signature header
    name configurable

* Mon Jan 30 2023 13:14:56 +0000 Manvendra Bhangui <libdkim@indimail.org> 1.6-1.1%{?dist}
Release 1.6 Start 27/11/2022 End 30/11/2023
======= Release Highlights ================================================
o added rfc8463 ed25519 cryptographic method for signing and verification.
o removed allman legacy code
===========================================================================
- 27/11/2022
1.  dkim.c: updated help message for -h option
- 26/01/2023
2.  dkim.cpp: removed -b option. Option kept for backward compatibility
3.  dkim.cpp: added -z 4 for setting Ed25519 DKIM signature
4.  dkim.h: added definition for DKIM_HASH_ED25519
5.  dkimsign.cpp: added creation of Ed25519 DKIM signatures
6.  dkimverify.cpp: added verification of Ed25519 DKIM signatures
- 29/02/2023
7.  dkimverify.cpp: fixed verification for mail having  multiple
    DKIM-Signature of different methods
8.  dkimverify.h: added member 'method' to store encryption method
9.  dkimsign.cpp, dkimsign.h: renamed SignThisTag() to SignThisHeader()
10. dkim.cpp: set verbose flag for dkimvery, dkimsign methods
- 30/01/2023
11. released libdkim-1.6
- 30/01/2023 - indimail-mta-3.0.2

* Thu 08 Sep 2022 12:31:45 +0000 Manvendra Bhangui <libdkim@indimail.org> 1.5-1.1%{?dist}
Release 1.5 Start 19/03/2009 End 08/09/2022
- 19/03/2009
1.  Added libdkim-1.0 - DKIM signing/verification library by ALT-N
    technologies. New program dkim for testing dkim signatures
2.  Fixed bugs with DKIM/DK verification
- 28/03/2009
3.  Released libdkim-1.1
4.  Added ADSP/SSP to qmail-dkim, libdkim
5.  Added Return-Path to use as domain in dkimsign.cpp
- 11/06/2009
6.  configure for libdkim detects EVP_sha256 or EVP_sha1. Fix for Mac. Fixed
    version available as libdkim-1.3
7.  Added dkim man page
8.  updates from libdkim-1.0.21
9.  dkim.c - do not skip X-Mailer headers
10. dkimsign.cpp - address parsing to fix signing of email generated by cron
    daemon
11. dkimsign.cpp - replace % in selector with domain name
12. dkim.c - Use basename of private key as the selector in absense of -y option
13. dkimverify.cpp - replace strtok() with strtok_r() for thread safe
14. refactored dns_text() function
15. use packetsize > 512 to avoid dkim failures for sites having long txt
    records (hotmail.com)
16. libdkim - removed compiler warnings
17. libdkim - added CXXFLAGS -Wno-delete-non-virtual-dtor -Wno-reorder to configure.ac
18. libdkim - dns.cpp. fixed double free of dnresult causing SIGSEGV
- 12/08/2018
19. dkim.c - fix for multiple DKIM-Signature header
- 27/08/2018
20. Fixed dkimsign issue with round parenthesis.
- 13/01/2019
21. dkim.c - Added missing usage string for allowing unsigned subject
- 17/02/2019
22. dkimverify.cpp - made scope of sFromDomain static
- 21/05/2019
23. dkimverify.cpp - Increased buffer length for dns result
24. dns.cpp - fixed pointer after realloc
25. configure.ac, dkimverify.cpp, dkimverify.h - fix for 32 bit systems
    where time_t is 4 bytes & encounters year 2038 issue
- 24/06/2019
26. dkim.c - fixed return value interpretation of DKIMVERIFY
- 14/06/2019
27. libdkim - dkim.c, dkimverify.h, dkimbase.cpp, dkimverify.cpp - BUG
    verfication was not honoring body length tag
- 24/06/2019
28. use DKIMDOMAIN only if Return-Path, From, Sender header are empty
- 26/06/2019
29. dkimsign.cpp - use X-Bounced-Address domain for DKIM signing for bounces
- 09/04/2020
30. check for null domain after DKIMDOMAIN replacement
- 10/04/2020
31. fixed BUG with domain assignment
- 11/04/2020
32. renamed DKKIMDOMAIN to BOUNCEDOMAIN
- 06/10/2020
33. configure.ac: changes for FreeBSD, Darwin
- 13/10/2020 - indimail-mta-2.12
34. added debuginfo package
- 18/07/2021 - indimail-mta-2.13
- 20/07/2021
35. updated configure.ac by doing autoupdate
- 28/08/2021
36. dkimsign.cpp: added ReplaceSelector to replace selector
37. dkimfuncs.cpp - added DKIMSignReplaceSelector to replace selector
38. dkim.h: Added prototype for DKIMSignReplaceSelector
- 12/09/2021 - indimail-mta-2.14.0
- 18/05/2022 - indimail-mta-3.0.0
- 08/09/2022 - indimail-mta-3.0.1

*
----------------------
1.0.21 
----------------------
  o updated verifier to latest draft of DKIM ADSP
  o fixed some error codes overlapping success codes
  o added signature and identity domain information to 
    DKIMVerifyDetails structure

-------------------
1.0.20 Aug 26, 2008
-------------------
  o verifier by default requires all From headers in the
    message to be signed

-------------------
1.0.19 May 12, 2008
-------------------
  o fix to trailing lines of whitespace not being ignored
    with relaxed body canonicalization

----------------------
1.0.18 January 9, 2008
----------------------
  o fix to incorrect body hashes for empty bodies
  o fix to verification error for signatures with whitespace
    around the b= value
  o more fixes to verification errors with whitespace between
    the header name and :

-----------------------
1.0.17 October 29, 2007
-----------------------
  o verifier fully supports g= value wildcard matching
  o fix to verifier not canonicalizing message headers that
    had whitespace between the header name and :
  o fix to verifier not validating t= value or comparing it
    to the x= value
  o fix to verifier accepting blank values for l= and x=

----------------------
1.0.16 August 22, 2007
----------------------
  o supports SSP (Sender Signing Practices) draft 00
  o added verifier option to save canonicalized message data

-------------------
1.0.15 May 30, 2007
-------------------
  o fix to DKIM_FAIL being returned for messages with
    invalid signatures

---------------------
1.0.14 April 24, 2007
---------------------
  o updated to final publication of DKIM (version 1)
  o fix to buffer overflow parsing malformed From headers

------------------------
1.0.13 February 22, 2007
------------------------
  o by default, verifier requires subject header to be signed
  o added visual studio 2005 project files
  o changed q=dns to q=dns/txt in signer
  o fixed hash for empty body

----------------------
1.0.12 August 31, 2006
----------------------
  o added verification option to not check the sender's policy
    (the default is to not check)

--------------------
1.0.11 July 25, 2006
--------------------
  o updated to 04 draft

------------------------
1.0.10 February 21, 2006
------------------------
  o added sha-256 hashing capability. Can sign with either
    sha-1, sha-256, or both. Either type can be verified.
    This version requires OpenSSL 0.9.8a

-----------------------
1.0.9 November 22, 2005
-----------------------
  o update to 01 draft

-------------------
1.0.8 July 28, 2005
-------------------
  o fix to verifier requesting policy records from the wrong
    location
  o the policy is no longer checked if the From domain is a 
    subdomain of any of the successful signing domains

-------------------
1.0.7 July 21, 2005
-------------------
  o added option to honor/ignore body length tags when verifying
    default is to ignore

-------------------
1.0.6 July 14, 2005
-------------------
  o initial release


This library implements DKIM (DomainKeys Identified Mail).  The
internet drafts are available here:

http://www.ietf.org/internet-drafts/draft-allman-dkim-base-01.txt
http://www.ietf.org/internet-drafts/draft-allman-dkim-ssp-01.txt
http://www.ietf.org/internet-drafts/draft-fenton-dkim-threats-01.txt


Build Instructions
------------------

You must have OpenSSL installed and built.

http://www.openssl.org/

For Win32,
  - Edit the make file Makefile.vc and set the OpenSSL include and lib
    paths (OPENSSL_INC and OPENSSL_LIB)
  - Run "nmake /f Makefile.vc"

For Unix,
  - Run "make"


Usage
-------

See dkim.c for an example of how to call the library.

