dkim.cr
dkim
A DKIM signing library in crystal initially transliterated from John Hawthorn's excellent Ruby Version
Installation
shards install dkim
Necessary configuration
A private key, a domain, and a selector need to be specified in order to sign messages.
These can be specified globally
Dkim::domain = 'example.com'
Dkim::selector = 'mail'
Dkim::private_key = open('private.pem').read
Options can be overridden per message.
Dkim.sign(mail, :selector => 'mail2', :private_key => OpenSSL::PKey::RSA.new(open('private2.pem').read))
For more details see {Dkim::Options}
Standalone Usage
openssl genrsa -out dkim_private.pem 2048
Calling Dkim.sign
on a string representing an email message returns the message with a DKIM signature inserted.
For example
mail = Dkim.sign(<<EOS)
To: someone@example.com
From: john@example.com
Subject: hi
Howdy
EOS
Dkim.sign(mail)
# =>
# To: someone@example.com
# From: john@example.com
# Subject: hi
# DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; q=dns/txt; s=mail; t=1305917829;
# bh=qZxwTnSM1ywsrq0Ag9UhQSOtVIG+sW5zDkB+hPbuX08=; h=from:subject:to;
# b=0mKnNOkxFGiww63Zu4t46J7eZc3Uak3I9km3IH2Le3XcnSNtWJgxiwBX26IZ5yzcT
# VwJzcCnPKCScIJMQ7yfbfXmNsKVIOV6eSUqu1YvJ1fgzlSAXuDEMNFTjoto5rrdA+
# BgX849hEY/bWHDl1JJgNpiwtpl4t0Q7M4BVJUd7Lo=
#
# Howdy
More flexibility can be found using {Dkim::SignedMail} directly.
Specific configuration
For sending mesages through Amazon SES, certain headers should not be signed
Dkim::signable_headers = Dkim::DefaultHeaders - %w{Message-ID Resent-Message-ID Date Return-Path Bounces-To}
Some OpenSSL's don't have sha256 support. RFC 6376 states that signers SHOULD sign using rsa-sha256. For this reason, dkim will not use rsa-sha1 as a fallback. If you wish to override this behaviour and use whichever algorithm is available you can use this snippet (not recommended).
Dkim::signing_algorithm = defined?(OpenSSL::Digest::SHA256) ? 'rsa-sha256' : 'rsa-sha1'
Limitations
- Strictly a DKIM signing library. No support for signature verification. (none planned)
- No support for the older Yahoo! DomainKeys standard (RFC 4870) (none planned)
- No support for specifying DKIM identity
i=
(planned) - No support for body length
l=
(planned) - No support for copied header fields
z=
(not immediately planned)
Resources
- RFC 6376
- Inspired by perl's Mail-DKIM
- DomainKeys Article by SparkPost
License
(The MIT License)
Copyright (c) 2022 MailerToGo Copyright (c) 2011 John Hawthorn
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
dkim.cr
- 0
- 0
- 0
- 0
- 2
- 18 days ago
- April 30, 2022
Fri, 20 Dec 2024 17:10:15 GMT