Welcome to Thunderbird Add-ons.

Add extra features and styles to make Thunderbird your own.

Close

On the go?

Check out our Mobile Add-ons site.

Close

DKIM Verifier Version History

53 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 6.1.0 2.0 MiB Works with Thunderbird 128.0 - *

Enhancements
  • Added an option to display the DKIM header when an e-mail with a DKIM signature, SPF or DMARC result is viewed (#462).
  • Authentication-Results header: Invalid headers by Outlook are now accepted if reading of non RFC compliant ARHs is enabled (#423).
  • The DKIM selector is now displayed in the DKIM button pop-up (#510).
  • The options page of the add-on can now be opened from the DKIM button pop-up.
Fixes
  • Fixed parsing of a From header that contains MIME encoded non-ASCII characters when reading a saved result (#529).
Other
  • Updated default rules and favicons.

Download Now Download Anyway

Version 6.0.1 2.0 MiB Works with Thunderbird 128.0 - *

Breaking Changes
  • Now requires at least Thunderbird 128.
  • Remove migration of options from versions before 4.0.0.
Enhancements
  • Fixed incompatibility with Thunderbird 136 (#494).
  • Authentication-Results header: Improve default behavior about which headers are trusted.
    Instead of trusting all it now depends on the newest ARH (#465).
Fixes
  • If the DKIM result fails because of the check of the sign rules the detailed view now still shows the details of the DKIM signature (#495).
  • Authentication-Results header: If only an AUID is included again heuristically extract the SDID from it.
  • Fixed setting default values for boolean preferences with policies on macOS via a `.plist` (#499).
Other
  • Updated default rules and favicons (#497).

Download Now Download Anyway

Version 5.6.0 2.0 MiB Works with Thunderbird 91.0 - 135.*

Enhancements
  • Support setting default values for preferences with managed storage (#268).
  • An explicit alignment between the AUID and the From address is no longer enforced.
  • Authentication-Results header: If replacing the add-ons verification, the SDID alignment is checked against the From address (#452).
  • Authentication-Results header: If replacing the add-ons verification, the signature and hash algorithm are now shown in the details view.
Fixes
  • Encoding errors in the RSA/Ed25519 key or signature now result in an invalid DKIM signature instead of an internal error.

Download Now Download Anyway

Version 5.5.0 2.0 MiB Works with Thunderbird 91.0 - 135.*

Enhancements
  • Show all DKIM signatures with additional details in the DKIM button pop-up (#160, #299).
  • Improved table views for sign rules and DKIM keys (#248, #305).
    E.g. it is now possible to delete multiple entries at once.
  • Allow multiple `*` globs in the From pattern of sign rules (#471, #472).
  • Changed the default color scheme for highlighting of the From header to better work with dark mode (#460).
  • Changed the header icon to now have the same colors as Thunderbirds own icons.
Fixes
  • Fixed potential parsing error when extracting the received time from the last Received header (#455).
  • When parsing now support comments inside comments up to a recursion of 3 (#466).
Other
  • Added Vietnamese translation (by vtvinh24) (#485).
  • Updated default rules and favicons (#440, #443, #444, #447, #457, #461).
  • Updated Brazilian Portuguese translations (#450).
  • Updated French translations (#459).

Download Now Download Anyway

Version 5.4.0 1.5 MiB Works with Thunderbird 91.0 - 135.*

Enhancements
  • Added support for using the Brand Indicators for Message Identification (BIMI) when showing favicons is enabled (#242).
  • Added the possibility to show a favicon for a specific From address or AUID (#107).
  • Don't save DKIM results that contain a temporary error.
  • Show proper error message if parsing of a message failed.
  • Show DKIM label if "Hide labels column" is enabled.
  • Authentication-Results header: if reading of non RFC compliant ARHs is enabled, a `:` in a property value is now allowed without the value being in a quoted-string.
  • Authentication-Results header: don't restrict result keyword for unknown methods.
Fixes
  • Fixed signature verification if a signed header contains a non ASCII character.
  • Fixed support for Thunderbird Conversations add-on in Thunderbird 115 and later (#395).
  • Libunbound resolver: Fixed using a relative path to the profile directory in Thunderbird 115 and later (#385).
Other
  • Added Polish translation (by dMbski) (#392).
  • Options navigation is now flat.
  • Updated default rules and favicons (#387, #393, #399).

Download Now Download Anyway

Version 5.3.1 1.4 MiB Works with Thunderbird 91.0 - 123.*

Fixes
  • Fixed incompatibility with Thunderbird 115 if no preferences exist, e.g. a new installation.

Download Now Download Anyway

Version 5.3.0 1.4 MiB Works with Thunderbird 91.0 - 115.*

Enhancements
  • Fixed incompatibility with Thunderbird 115 (#364).
  • Support the offline mode of Thunderbird.
    No DNS queries are done if Thunderbird is in the offline mode (#129).
  • JSDNS: Support IPv6 addresses (#363)
  • JSDNS: Improved how the addon behaves if all DNS servers were not reachable.
    By default the addon will now try them again instead of getting in a state there all further DNS queries will fail (#269).
    If getting DNS servers from OS configuration is enabled, they will now also be read from the OS again (#90).
Other
  • Updated default rules and favicons (#365).

Download Now Download Anyway

Version 5.2.0 1.4 MiB Works with Thunderbird 91.0 - 114.0

Enhancements

- Extract the received time from the last Received header and use it as the verification time (#336).
- Fixed incompatibility with Thunderbird 113 (#352).

Fixes

- Fixed extension not working for attached or external messages (#216).
Requires Thunderbird 106 or later.
- Fixed empty tags being treated as ill-formed. This e.g. fixes revoked DKIM keys.
- Fixed tooltip for From header in Thunderbird 102 or newer (#311).
- Fixed missing body resulting in internal error (#347).

Other

- Added Traditional Chinese translation (by NightFeather) (#335).
- Updated default rules and favicons (#334, #337).

Download Now Download Anyway

Version 5.1.1 1.1 MiB Works with Thunderbird 91.0 - 109.0

Fixes

- Invalid Reply-To header is now ignored instead of resulting in internal error.

Other

- updated default rules and favicons (#323, #326, #327)

Download Now Download Anyway

Version 5.1.0 1.1 MiB Works with Thunderbird 91.0 - 105.0

Enhancements

- Added heuristic to detect maliciously added unsigned headers (#102).
- Configurable option to warn about unsigned headers that are recommended to be signed (#102, #277).
- Improved theming of header icon in Thunderbird 102.
- Authentication-Results header: Prefer to show failure results that include a reason and are related to the sending domain (#247).

Fixes

- Fixed error when opening messages in a new window in Thunderbird 102.

Other

- updated default rules and favicons

Download Now Download Anyway

Version 5.0.0 1.1 MiB Works with Thunderbird 91.0 - 104.0

Breaking Changes

- now requires at least Thunderbird 91

Enhancements

- fixed incompatibility with Thunderbird 102 (#306, #312)
- Added support for signing algorithm Ed25519-SHA256 (RFC 8463) (#142)
- JSDNS: fixed incompatibility with Thunderbird 101 (#303)
- Authentication-Results header: check sign algorithm used for DKIM (RFC 8601) (#219)

Fixes

- fixed multiple from addresses being treated as ill-formed (#304)

Other

- updated default rules and favicons

Download Now Download Anyway

Version 4.1.1 1.0 MiB Works with Thunderbird 78.0 - 100.0

- fixed blank line in header if email does not contain DKIM signature (Thunderbird 97) (#293)
- fixed some dialog windows being to small (#296)
- fixed header spanning multiple lines possibly being cropped at the bottom
- fixed wrapping of header in Thunderbird 99
- added Ukrainian translation (by lexxai) (#297)

Download Now Download Anyway

Version 4.1.0 1019.4 KiB Works with Thunderbird 78.0 - 100.0

- fixed incompatibility with Thunderbird 96 (#279)
- Re-added support for Thunderbird Conversations add-on (#203)
- show proper error message on ill-formed from (#238)
- ignore ill-formed List-Id (#262) and fix parsing of List-Id
- Authentication-Results header: fixed sorting of DKIM results in regards to list id
- fixed options styling for Thunderbird 91
- added Brazilian Portuguese translation (by David BrazSan) (#283)
- Add ability to export/import sign rules (#220)
- Fix layout issues in table views (Sign rules / stored keys) (#248)
- updated default rules and favicons (#263, #266, #274, #281, #284)

Download Now Download Anyway

Version 4.0.0 952.1 KiB Works with Thunderbird 78.0 - 95.0

- now requires at least Thunderbird 78
- fixed incompatibility with Thunderbird 78 (#199)
- removed option to show DKIM result in the statusbarpanel
- Authentication-Results header: fixed parsing of version
- Authentication-Results header: fixed parsing of quoted SDID and AUID (#229, #234)
- Authentication-Results header: fixed missing reason on fail resulting in error (#232)
- libunbound resolver: Don't provide a default path (#199)
- libunbound resolver: Improve options description (#199)
- added about page in options
- added incomplete Swedish translation (by Phoenix)
- added Spanish translation (by Peter O Brien) (#239)
- updated default rules and favicons (#208, #209, #210)

Changes since v4.0.0pre4:

- fixed incompatibility with Thunderbird 89
- Update translations
- added Spanish translation (by Peter O Brien) (#239)
- Migrated storing of DKIM keys
- Sign rules: Migrated DMARC heuristic
- Migrated DKIM actions in the header
- Authentication-Results header: fixed parsing of quoted SDID and AUID (#229, #234)
- Authentication-Results header: fixed missing reason on fail resulting in error (#232)
- Improve parsing of From address, now supporting parts of the obsolete Syntax (#235)
- updated default rules and favicons

Download Now Download Anyway

Version 4.0.0pre4 880.3 KiB Works with Thunderbird 78.0 - 95.0

- now requires at least Thunderbird 78
- fixed incompatibility with Thunderbird 78 (#199)
- removed option to show DKIM result in the statusbarpanel
- Authentication-Results header: fixed parsing of version
- libunbound resolver: Don't provide a default path
- libunbound resolver: Improve options description
- added about page in options
- updated default rules and favicons (#208, #209, #210)

Changes since v4.0.0pre3:

- Don't provide a default libunbound path
- Sign rules: Special treatment of outgoing messages now supported
- Fixed relaxed ARH parsing option (#221)
- Fixed backtracking issues in parsing of from header, resulting in `InternalError: too much recursion`
- Fixed options page not correctly working if it was already open on start
- Add about page
- updated default rules and favicons (#209)

Current limitations:

- Storing of DKIM keys not implemented
- Sign rules: DMARC heuristic not implemented
- DKIM action in the header not implemented

Removed:

- Option to show DKIM result in the statusbarpanel

Download Now Download Anyway

Version 4.0.0pre3 859.0 KiB Works with Thunderbird 78.0 - 95.0

- now requires at least Thunderbird 78
- fixed incompatibility with Thunderbird 78 (#199)
- removed option to show DKIM result in the statusbarpanel
- Authentication-Results header: fixed parsing of version

Known issues:

- Storing of DKIM keys not implemented
- Sign rules: DMARC heuristic not implemented
- Sign rules: Special treatment of outgoing messages not implemented
- DKIM action in the header not implemented

Removed:

- Option to show DKIM result in the statusbarpanel

Download Now Download Anyway

Version 3.1.0 865.3 KiB Works with Thunderbird 68.0 - 73.0

- fix default rules and favicons (#197)
- includes changes from 2.2.0:
- Authentication-Results header: fix relaxed parsing option and trailing ";"
- exposed option on how to treat weak keys. Default is now ignore (was warning since 2.1.0) (#174)
- fixed default text color for unsigned e-mail in dark theme if highlighting of From header is enabled (#181)
- libunbound resolver: add ability to explicitly load dependencies of libunbound (#170, #179)
- updated default rules and favicons (#165, #168, #169, #180)

Download Now Download Anyway

Version 2.2.0 867.1 KiB Works with Thunderbird 52.0 - 60.*

- Authentication-Results header: fix relaxed parsing option and trailing ";"
- exposed option on how to treat weak keys. Default is now ignore (was warning since 2.1.0) (#174)
- fixed default text color for unsigned e-mail in dark theme if highlighting of From header is enabled (#181)
- libunbound resolver: add ability to explicitly load dependencies of libunbound (#170, #179)
- updated default rules and favicons (#165, #168, #169, #180)

Download Now Download Anyway

Version 3.0.1 688.5 KiB Works with Thunderbird 68.0 - 73.0

- fixed incompatibility with Thunderbird 70 (#167)
- fixed DKIM status not visible when a message is opened in a new window (#172)
- fixed incompatibility with CompactHeader add-on (#177)
- JSDNS: fixed proxy support (#173)

Download Now Download Anyway

Version 3.0.0 688.1 KiB Works with Thunderbird 68.0 - 73.0

- now requires at least Thunderbird 68
- fixed incompatibility with Thunderbird 68/69
- libunbound resolver: remove old root trust anchor (key tag 19036)

Download Now Download Anyway

Version 2.1.0 690.4 KiB Works with Thunderbird 52.0 - 60.*

- Cryptographic Algorithm and Key Usage Update (RFC 8301)
- updated default rules and favicons
- added Hungarian translation (by Óvári)

Download Now Download Anyway

Version 2.0.1 555.4 KiB Works with Thunderbird 52.0 - 60.*

- fixed signature verification in case the RSA key has an odd key length
- fixed DMARC heuristic
- fixed "*" not being recognized as valid Service Type in DKIM Keys
- changed update DKIM key button to now update the keys of all DKIM signatures in the e-mail
- Authentication-Results header: fixed mixed case results specified by older SPF specs resulting in a parsing error
- JSDNS: fixed a problem getting the default DNS servers on Windows
- JSDNS: reduced default DNS server timeout from 10 to 5 seconds
- updated included third-party libraries
- updated default rules and favicons

Download Now Download Anyway

Version 2.0.0 509.3 KiB Works with Thunderbird 52.0 - 60.*

- now requires at least Thunderbird 52
- added toolbar button and menuitem for sign rules
- added option to try to read non RFC compliant Authentication-Results header
- fixed incompatibility with Thunderbird 57/59/60
- fixed favicons not being shown if the CardBook add-on is installed
- fixed "Add must be signed exception" button being disabled if wrong signer is only a warning
- updated default rules and favicons

Download Now Download Anyway

Version 1.7.0 458.4 KiB Works with Thunderbird 17.0 - 52.*

- libunbound resolver: added ability to specify multiple DNSSEC trust anchors
- libunbound resolver: added new DNSSEC root trust anchor (key tag 20326)
- updated default rules and favicons

Download Now Download Anyway

Version 1.6.5 443.7 KiB Works with Thunderbird 17.0 - 52.*

- added Japanese translation (by SAKURAI Kenichi)
- updated default rules

Download Now Download Anyway

Version 1.6.4 435.3 KiB Works with Thunderbird 17.0 - 52.*

- fixed saving of result with DNSSEC lock enabled
- fixed incompatibility with Thunderbird 52 and libunbound
- updated default rules and favicons

Download Now Download Anyway

Version 1.6.3 430.3 KiB Works with Thunderbird 17.0 - 52.0

- fixed incompatibility with Thunderbird 52
- updated default rules and favicons

Download Now Download Anyway

Version 1.6.2 423.3 KiB Works with Thunderbird 17.0 - 46.*

- fixed incompatibility with Silvermel/Charamel
- fixed Problem with copied header fields
- updated default rules and favicons

Download Now Download Anyway

Version 1.6.1 422.4 KiB Works with Thunderbird 17.0 - 46.*

- fixed problem with old Thunderbird versions and sign rules

Download Now Download Anyway

Version 1.6.0 422.4 KiB Works with Thunderbird 45.0 - 46.*

- added option to indicate successful DNSSEC validation with a lock (enabled by default)
- added option to show the favicon of some known signing domains (enabled by default)
- added option to show the ARH result alongside the add-ons, instead of replacing it
- JSDNS: differentiate between a server error and an non existing DKIM key
- sign rules: ignore must be signed for outgoing messages
- sign rules: updated default rules
- fixed updating a DKIM key or marking it as secure via the "Other Actions" button

Download Now Download Anyway