It is important to note that an e-mail can be signed by an arbitrary domains. A valid DKIM signature alone is therefore not an indicator for a trustworthy e-mail. Always check who the signer is to determine if an e-mail is trustworthy!
In some cases, the absence of a DKIM signature can be useful to identify scam e-mails. If it is known that a certain domain is signing all its e-mails with DKIM, the absence of a DKIM signature is a strong indicator for a forged e-mail.
To ease the checking of if and by who an e-mail is signed, the add-on supports the use of sign rules. With sign rules it is possible to specify that e-mails from a certain sender have to be always signed by a specific domain (also referred to as SDID). More about sign rules at https://github.com/lieser/dkim_verifier/wiki/Sign-rules.
A description of all the available add-on options can be found at https://github.com/lieser/dkim_verifier/wiki/Options.
- now requires at least Thunderbird 91
- fixed incompatibility with Thunderbird 102 (#306, #312)
- Added support for signing algorithm Ed25519-SHA256 (RFC 8463) (#142)
- JSDNS: fixed incompatibility with Thunderbird 101 (#303)
- Authentication-Results header: check sign algorithm used for DKIM (RFC 8601) (#219)
- fixed multiple from addresses being treated as ill-formed (#304)
- updated default rules and favicons
- 原始碼以 MIT/X11 License 的授權條款釋出