This file summarizes what's changed between releases of Mail-DKIM.
See the ChangeLog file for the details.
Version 0.44
* Added experimental support for ARC
Version 0.43
* Update tests for new DNS setup
Version 0.42
* Fix tests failing due to dns changes elsewhere
* Moved sample_mime_lite.pl to scripts directory
Version 0.41
* Fix to better comply with DKIM specification:
* DKIM signatures with multiple methods specified in q= tag are now
accepted. Such signatures are not known to appear in real life.
(rt.cpan.org issue #83176)
* Allow greater control over which headers are signed by Signer
* Added the extended_headers() method to allow headers
to be oversigned, or skipped.
* bugfixes:
* PrivateKey file is now closed correctly after being read.
* Use lexical rather than named file handle
Version 0.40 - released 2013-02-07
* New/changed functionality:
* a single DNS resolver is created for the lifetime of the program,
rather than reinitializing the resolver for each new query.
* bugfixes:
* fix the error message given when an invalid algorithm is
specified in the construction of Mail::DKIM::Signer.
* avoid Perl warning about use of an undefined value in several
places (rt.cpan.org issue #82913).
* speed- improved performance of parsing the message into lines
(rt.cpan.org issue #77902). Patch by Mark Martinec.
* fix DNS queries to use the correct method (txtdata) of Net::DNS
(rt.cpan.org issue #83170). Patch by Mark Martinec.
* API changes:
* global subroutines resolver() or enable_EDNS0() in module
Mail::DKIM::DNS can be called to specify non-default options
to Net::DNS::Resolver (see also rt.cpan.org issue #80425).
Version 0.39 - released 2010-11-14
* bugfixes:
* fix issue with getting wrong error codes when q= tag is empty
(issue #3011005)
* anti-abuse- prevent a message with thousands of signatures from
thrashing the whole computer (issue #3010997)
* memory usage- significantly reduced memory footprint for
processing a message with a large header and many signatures
* fix error message given when no KeyFile has been specified
(issue #1889690)
* API changes:
* the Canonicalization::finish_header() method now expects a
argument to be passed to it. In the unusual case that you are
using this method from your own code, please update your code.
Version 0.38 - released 2010-03-31
* New/changed functionality:
* DNS lookups can now be started asynchronously; the queries are
created as the header is parsed; the results are not actually
needed until the entire message has been read. (The Mail::DKIM
module does not yet do the queries asynchrously; this is just
the infrastructure so that the queries can be asynchronous in
the future.)
* bugfixes:
* DNS lookup overrides alarm() signal (issue #2854325)
* documentation updates:
* document use of custom PrivateKey object, for external signing
* describe how to get "pretty signatures" in Signer.pm
Version 0.37 - released 2009-09-08
* New/changed functionality:
* ADSP records now check whether the domain itself exists, in
accordance to the ADSP specification
* bugfixes:
* fixed regexp used to detect header field names (issue #2803465)
* various fixes to ADSP checking
Version 0.36 - released 2009-06-02
* API changes:
* restore the as_string() method which was accidentally removed
in version 0.34
Version 0.35 - released 2009-05-22
* bugfixes:
* fixed a runaway regular expression in the canonicalization
routines (patch provided by Mark Martinec)
Version 0.34 - released 2009-05-20
* New/changed functionality:
* support for ADSP (author-domain-signing-practices) records
* removed support for pre-standardized DKIM signatures (i.e. these
are DKIM signatures without a v= or bh= tag).
* DNS resolver errors are detected and reported as such
* API changes:
* renamed Mail::DKIM::Policy to Mail::DKIM::DkPolicy. Programs using
the former name to create policy objects directly (though it would
be more expected to fetch the objects through
Mail::DKIM::Verifier) should update their code
* new policies() method in Mail::DKIM::Verifier for fetching all
applicable sender/author signing policies
* bugfixes:
* Signer object would die if first line of input wasn't a header
(rt.cpan.org issue #46179)
Version 0.33 - released 2009-03-10
* bugfixes:
* signature wrapping would sometimes cause improper preparation of
DKIM signatures, with "simple" canonicalization (issue #2257046)
* test scripts:
* the included corpus is now verified using a fake-DNS resolver,
which means the test corpus can validate even when your DNS
servers are really slow
Version 0.32 - released 2008-06-03
* removed requirement for Digest::SHA1 (issue #1832549).
We now use the more capable Digest::SHA module for SHA-1 and SHA-256.
* bugfixes:
* granularity checking should be case-sensitive (issue #1938112).
* identity tag now uses quoted-printable encoding (issue #1839015).
* API improvement:
* implemented identity_source() for DkSignature objects
Version 0.31 - released 2008-04-14
* some error detail messages were changed (see ChangeLog, 2008-01-10 entry)
* by default, and when possible, DKIM signatures now omit c= and q= tags
(they are optional tags) (issue #1878518)
* DKIM and DomainKey signatures are now wrapped so that line breaks
occur before colon (':') separators instead of after; this avoids
confusing some broken MUAs (issue #1868648)
* bugfixes:
* "undef value" error when DKIM signature appears at end of header
(issue #1878954)
* use proper regexp for splitting email address (issue #1878994)
* API improvements:
* can specify a domain for fetch_author_policy() (issue #1879197)
* can access a signature's public-key object (issue #1879215)
* can specify an OpenSSL-private-key object for PrivateKey->new()
(issue #1879209)
Version 0.30.1 - released 2008-01-24
* bugfix:
* email from cisco.com was failing to verify (issue #1878523)
Version 0.30 - released 2008-01-10
* includes speed-up optimizations by Mark Martinec
* DomainKeys, implement proper identity matching...
a DomainKey-Signature's domain should match the From/Sender address
* several more test cases
* API improvements:
* accept additional arguments when creating Signer/Signature
* bugfixes:
* DomainKey-Signature headers were not "prettified"
* granularity ending with '*' was not checked correctly
* DomainKey-Signature granularity was checked against the wrong value
Version 0.29 - released 2007-11-08
* verifiers can now access all parsed signatures and their results,
not just signatures that were fully tested
* signer policies can now specify what private key file to use
* some other minor API improvements
* bugfixes:
* for DomainKeys signatures, fixed a compatibility issue handling
the h= tag
* for DKIM, signature expirations had been ignored
* for DKIM, signature identities did not have to match the domain
* for DKIM, public key granularity field had been ignored
Version 0.28 - released 2007-07-31
* fixed a bug with line-wrapping a signature at the wrong place
Version 0.27 - released 2007-07-25
* Sender signing policies are now better implemented
* Both Yahoo! DomainKeys signing policies and the under-development
IETF DKIM signing policies are supported
* Yahoo! DomainKeys policies can protect the Sender: header
* DKIM signing policies can protect the From: header
Look at Mail::DKIM::Verifier's fetch_author_policy() and
fetch_sender_policy() methods for hints.
Version 0.26 - released 2007-05-24
* recognize and generate v=1 signatures (DKIM is now RFC 4871)
Version 0.25 - released 2007-05-10
* we now only sign headers that IETF recommends for signing
* it's now possible to "prettify" outgoing signatures, but this feature
is not enabled by default. To enable, do a "use Mail::DKIM::TextWrap"
in your program that signs messages. (This may change in a future
release.)
Version 0.24 - released 2007-03-13
* fixes two bugs, see ChangeLog for details
* fixed a bug with public keys (in DNS) containing linebreak characters
* fixed a bug with DKIM signatures not including the optional q= tag
Version 0.23 - released 2007-02-22
* fixes some issues with verifying DomainKeys signatures
* generate newer-style DKIM signatures (with v=0.5 tag)
* fixed some bugs related to handling messages with no body
* improved diagnostic messages for certain cases
Version 0.22 - released 2007-01-19
* fixes a couple very minor bugs
* some cosmetic changes to error messages
Version 0.21 - released 2006-11-29
* fixes two bugs, see ChangeLog for details
Version 0.20 - released 2006-10-24
* now supports verifying multiple signatures (the result returned is based
on the "best" available signature)
* now supports adding multiple signatures in one pass (to use this, you
need to create a "signer policy"; see scripts/dkimsign.pl for an example)
* now supports signing/verifying signatures for the older DomainKeys standard
* now implements Internet Draft draft-ietf-dkim-base-05, including:
* support for the version (v=) tag
* eliminated "control character detected in message" error message
Version 0.19 - released 2006-06-15
* now supports earlier versions of Perl (5.6.1 and up).
Version 0.18 - released 2006-06-09
* no longer depends on Crypt::RSA or Crypt::OpenSSL::Bignum.
Version 0.17 - released 2006-05-26
* now implements Internet Draft draft-ietf-dkim-base-01, including:
* support for the body hash (bh=) tag
* support for SHA256 digests (uses the Digest::SHA module from CPAN)
* if a message fails to verify, it now distinguishes between:
* headers having been altered
* body having been altered
* RSA key failure (i.e. the signing key does not match the public key)
* added several sample messages to test against when doing `make test'.
Version 0.16 - released 2006-03-03
* first version for CPAN; implements draft-allman-dkim-base-01.