Alt-N DKIM Open Source Project
Copyright 2008 Alt-N Technologies, Ltd.

This code incorporates intellectual property owned by Yahoo! and licensed 
pursuant to the Yahoo! DomainKeys Patent License Agreement.

By making, using, selling, offering for sale, importing, and/or sublicensing 
Implementations as permitted, you agree to the terms and conditions of the 
Yahoo! DomainKeys Patent License Agreement or other agreement contained herein.

* ChangeLog
Release 1.5 Start 19/03/2009
19/03/2009
1.  Added libdkim-1.0 - DKIM signing/verification library by ALT-N
    technologies. New program dkim for testing dkim signatures
2.  Fixed bugs with DKIM/DK verification
28/03/2009
3.  Released libdkim-1.1
4.  Added ADSP/SSP to qmail-dkim, libdkim
5.  Added Return-Path to use as domain in dkimsign.cpp
11/06/2009
6.  configure for libdkim detects EVP_sha256 or EVP_sha1. Fix for Mac. Fixed
    version available as libdkim-1.3
7.  Added dkim man page
8.  updates from libdkim-1.0.21
9.  dkim.c - do not skip X-Mailer headers
10. dkimsign.cpp - address parsing to fix signing of email generated by cron
    daemon
11. dkimsign.cpp - replace % in selector with domain name
12. dkim.c - Use basename of private key as the selector in absense of -y option
13. dkimverify.cpp - replace strtok() with strtok_r() for thread safe
14. refactored dns_text() function
15. use packetsize > 512 to avoid dkim failures for sites having long txt
    records (hotmail.com)
16. libdkim - removed compiler warnings
17. libdkim - added CXXFLAGS -Wno-delete-non-virtual-dtor -Wno-reorder to configure.ac
18. libdkim - dns.cpp. fixed double free of dnresult causing SIGSEGV
12/08/2018
19. dkim.c - fix for multiple DKIM-Signature header
27/08/2018
20. Fixed dkimsign issue with round parenthesis.
13/01/2019
21. dkim.c - Added missing usage string for allowing unsigned subject
17/02/2019
22. dkimverify.cpp - made scope of sFromDomain static
21/05/2019
23. dkimverify.cpp - Increased buffer length for dns result
24. dns.cpp - fixed pointer after realloc
25. configure.ac, dkimverify.cpp, dkimverify.h - fix for 32 bit systems
    where time_t is 4 bytes & encounters year 2038 issue
24/06/2019
26. dkim.c - fixed return value interpretation of DKIMVERIFY
14/06/2019
27. libdkim - dkim.c, dkimverify.h, dkimbase.cpp, dkimverify.cpp - BUG
    verfication was not honoring body length tag
24/06/2019
28. use DKIMDOMAIN only if Return-Path, From, Sender header are empty
26/06/2019
29. dkimsign.cpp - use X-Bounced-Address domain for DKIM signing for bounces
09/04/2020
30. check for null domain after DKIMDOMAIN replacement
10/04/2020
31. fixed BUG with domain assignment
11/04/2020
32. renamed DKKIMDOMAIN to BOUNCEDOMAIN

*
----------------------
1.0.21 
----------------------
  o updated verifier to latest draft of DKIM ADSP
  o fixed some error codes overlapping success codes
  o added signature and identity domain information to 
    DKIMVerifyDetails structure

-------------------
1.0.20 Aug 26, 2008
-------------------
  o verifier by default requires all From headers in the
    message to be signed

-------------------
1.0.19 May 12, 2008
-------------------
  o fix to trailing lines of whitespace not being ignored
    with relaxed body canonicalization

----------------------
1.0.18 January 9, 2008
----------------------
  o fix to incorrect body hashes for empty bodies
  o fix to verification error for signatures with whitespace
    around the b= value
  o more fixes to verification errors with whitespace between
    the header name and :

-----------------------
1.0.17 October 29, 2007
-----------------------
  o verifier fully supports g= value wildcard matching
  o fix to verifier not canonicalizing message headers that
    had whitespace between the header name and :
  o fix to verifier not validating t= value or comparing it
    to the x= value
  o fix to verifier accepting blank values for l= and x=

----------------------
1.0.16 August 22, 2007
----------------------
  o supports SSP (Sender Signing Practices) draft 00
  o added verifier option to save canonicalized message data

-------------------
1.0.15 May 30, 2007
-------------------
  o fix to DKIM_FAIL being returned for messages with
    invalid signatures

---------------------
1.0.14 April 24, 2007
---------------------
  o updated to final publication of DKIM (version 1)
  o fix to buffer overflow parsing malformed From headers

------------------------
1.0.13 February 22, 2007
------------------------
  o by default, verifier requires subject header to be signed
  o added visual studio 2005 project files
  o changed q=dns to q=dns/txt in signer
  o fixed hash for empty body

----------------------
1.0.12 August 31, 2006
----------------------
  o added verification option to not check the sender's policy
    (the default is to not check)

--------------------
1.0.11 July 25, 2006
--------------------
  o updated to 04 draft

------------------------
1.0.10 February 21, 2006
------------------------
  o added sha-256 hashing capability. Can sign with either
    sha-1, sha-256, or both. Either type can be verified.
    This version requires OpenSSL 0.9.8a

-----------------------
1.0.9 November 22, 2005
-----------------------
  o update to 01 draft

-------------------
1.0.8 July 28, 2005
-------------------
  o fix to verifier requesting policy records from the wrong
    location
  o the policy is no longer checked if the From domain is a 
    subdomain of any of the successful signing domains

-------------------
1.0.7 July 21, 2005
-------------------
  o added option to honor/ignore body length tags when verifying
    default is to ignore

-------------------
1.0.6 July 14, 2005
-------------------
  o initial release


This library implements DKIM (DomainKeys Identified Mail).  The
internet drafts are available here:

http://www.ietf.org/internet-drafts/draft-allman-dkim-base-01.txt
http://www.ietf.org/internet-drafts/draft-allman-dkim-ssp-01.txt
http://www.ietf.org/internet-drafts/draft-fenton-dkim-threats-01.txt


Build Instructions
------------------

You must have OpenSSL installed and built.

http://www.openssl.org/

For Win32,
  - Edit the make file Makefile.vc and set the OpenSSL include and lib
    paths (OPENSSL_INC and OPENSSL_LIB)
  - Run "nmake /f Makefile.vc"

For Unix,
  - Run "make"


Usage
-------

See dkim.c for an example of how to call the library.

