loadplugin Mail::SpamAssassin::Plugin::DKIM [/path/to/DKIM.pm] full DKIM_VALID eval:check_dkim_valid() full DKIM_VALID_AU eval:check_dkim_valid_author_sig()
(for compatibility, a check_dkim_verified is a synonym for check_dkim_valid)
It requires the "Mail::DKIM" CPAN module to operate. Many thanks to Jason Long for that module.
_DKIMIDENTITY_ signing identities (the 'i' tag) from valid signatures; _DKIMDOMAIN_ signing domains (the 'd' tag) from valid signatures;
Identities and domains from signatures which failed verification are not included in these tags. Duplicates are eliminated (e.g. when there are two or more valid signatures from the same signer, only one copy makes it into a tag). Note that there may be more than one signature in a message - currently they are provided as a space-separated list, although this behaviour may change.
http://jason.long.name/dkimproxy/ http://tools.ietf.org/rfc/rfc4871.txt http://tools.ietf.org/rfc/rfc4870.txt http://ietf.org/html.charters/dkim-charter.html
Only one whitelist entry is allowed per line, as in "whitelist_from_rcvd". Multiple "whitelist_from_dkim" lines are allowed. File-glob style characters are allowed for the From address (the first parameter), just like with "whitelist_from_rcvd". The second parameter does not accept wildcards.
If no signing identity parameter is specified, the only acceptable signature will be a first-party signature, i.e. the so called author signature, which is a signature where the signing identity of a signature matches the author address (i.e. the address in a From header field).
Since this whitelist requires a DKIM check to be made, network tests must be enabled.
Examples of whitelisting based on an author signature (first-party):
whitelist_from_dkim email@example.com whitelist_from_dkim *@corp.example.com whitelist_from_dkim *@*.example.com
Examples of whitelisting based on third-party signatures:
whitelist_from_dkim firstname.lastname@example.org email@example.com whitelist_from_dkim firstname.lastname@example.org example.net whitelist_from_dkim email@example.com example.org whitelist_from_dkim *@info.example.com example.com whitelist_from_dkim *@* remailer.example.com