{"id":20447270,"url":"https://github.com/carsonip/dkimpy","last_synced_at":"2025-03-05T08:49:51.777Z","repository":{"id":91355918,"uuid":"272894970","full_name":"carsonip/dkimpy","owner":"carsonip","description":"Fork of https://launchpad.net/dkimpy","archived":false,"fork":false,"pushed_at":"2020-06-17T09:47:27.000Z","size":788,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-01-15T21:53:45.042Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/carsonip.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-17T06:24:48.000Z","updated_at":"2020-06-17T06:26:29.000Z","dependencies_parsed_at":null,"dependency_job_id":"8184ce6c-7905-4931-b0e1-3b653f03460d","html_url":"https://github.com/carsonip/dkimpy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carsonip%2Fdkimpy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carsonip%2Fdkimpy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carsonip%2Fdkimpy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/carsonip%2Fdkimpy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/carsonip","download_url":"https://codeload.github.com/carsonip/dkimpy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241997290,"owners_count":20055113,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-15T10:25:28.221Z","updated_at":"2025-03-05T08:49:51.748Z","avatar_url":"https://github.com/carsonip.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"dkimpy - DKIM (DomainKeys Identified Mail)\nhttps://launchpad.net/dkimpy/\n\nFriendly fork of:\nhttp://hewgill.com/pydkim/\n\n# INTRODUCTION\n\ndkimpy is a library that implements DKIM (DomainKeys Identified Mail) email\nsigning and verification.  Basic DKIM requirements are defined in RFC 6376:\n\nhttps://tools.ietf.org/html/rfc6376\n\n# VERSION\n\nThis is dkimpy 1.1.\n\n# REQUIREMENTS\n\nDependencies will be automatically included for normal DKIM usage.  The\nextras_requires feature 'ed25519' will add the dependencies needed for signing\nand verifying using the new DCRUP ed25519-sha256 algorithm.  The\nextras_requires feature 'ARC' will add the extra dependencies needed for ARC.\nSimilarly, extras_requires feature 'asyncio' will add the extra dependencies\nneeded for asyncio.\n\n - Python 2.x \u003e= 2.7, or Python 3.x \u003e= 3.5.  Recent versions have not been\n   tested on python \u003c 2.7 or python3 \u003c 3.4, but may still work on python2.6\n   and python 3.1 - 3.3.\n - dnspython or pydns. dnspython is preferred if both are present and\n   installed to satisfy the DNS module requirement if neither are installed.\n - argparse.  Standard library in python2.7 and later.\n - authres.  Needed for ARC.\n - PyNaCl.  Needed for use of ed25519 capability.\n - aiodns.  Needed for asycnio (Requires python3.5 or later)\n\n# INSTALLATION\n\nThis package includes a scripts and man pages.  For those to be installed when\ninstalling using setup.py, the following incantation is required because\nsetuptools developers decided not being able to do this by default is a\nfeature:\n\n```python3 setup.py install --single-version-externally-managed --record=/dev/null```\n\n# DOCUMENTATION\n\nAn online version of the package documentation for the most recent release can\nbe found at:\n\nhttps://pymilter.org/pydkim/\n\n# TESTING\n\nTo run dkimpy's test suite:\n\n```PYTHONPATH=. python3 dkim```\n\nor\n\n```python3 test.py```\n\nor\n\n```PYTHONPATH=. python3 -m unittest dkim.tests.test_suite```\n\n\nAlternatively, if you have testrepository installed:\n\n```testr init```\n\n```testr run```\n\nYou should install all optional dependencies required for the test suite, e.g.\nby creating a virtualenv and using:\n\n```pip install -e '.[testing]'```\n\nThe included ARC tests are very limited.  The primary testing method for ARC\nis using the ARC test suite: https://github.com/ValiMail/arc_test_suite\n\nAs of 0.6.0, all tests pass for both python2.7 and python3. The test suite\n ships with test runners for dkimpy.  After downloading the test suite, you\n can run the signing and validation tests like this:\n\n```python2.7 ./testarc.py sign runners/arcsigntest.py```\n```python2.7 ./testarc.py validate runners/arcverifytest.py```\n\n# USAGE\n\nThe dkimpy library offers one module called dkim. The sign() function takes an\nRFC822 formatted message, along with some signing options, and returns a\nDKIM-Signature header line that can be prepended to the message. The verify()\nfunction takes an RFC822 formatted message, and returns True or False depending\non whether the signature verifies correctly.  There is also a DKIM class which\ncan be used to perform these functions in a more modern way.\n\nIn version 0.9.0, the default set of header fields that are oversigned was\nchanged from 'from', 'subject', 'date' to 'from' to reduce fragility of\nsignatures.  To restore the previous behavior, you can add them back after\ninstantiating your DKIM class using the add_frozen function as shown in the\nfollowing example:\n\n```python\n\u003e\u003e\u003e dkim = DKIM()\n\u003e\u003e\u003e dkim.add_frozen((b'date',b'subject'))\n\u003e\u003e\u003e [text(x) for x in sorted(dkim.frozen_sign)]\n['date', 'from', 'subject']\n```\n\n## DKIM RSA MODERNIZATION (RFC 8301)\n\nRFC8301 updated DKIM requirements in two ways:\n\n1.  It set the minimum valid RSA key size to 1024 bits.\n2.  It removed use of rsa-sha1.\n\nAs of version 0.7, the dkimpy defaults largely support these requirements.\n\nIt is possible to override the minimum key size to a lower value, but this is\nstrongly discouraged.  As of 2018, keys much smaller than the minimum are not\ndifficult to factor.\n\nThe code for rsa-sha1 signing and verification is retained, but not used for\nsigning by default.  Future releases will raise warnings and then errors when\nverifying rsa-sha1 signatures.  There are still some significant users of\nrsa-sha1 signatures, so operationally it's premature to disable verification\nof rsa-sha1.\n\n## ED25519 (RFC 8463) SUPPORT\n\nAs of version 0.7, experimental signing and verifying of DKIM Ed25519\nsignatures is supported as described in draft-ietf-dcrup-dkim-crypto:\n\nhttps://datatracker.ietf.org/doc/draft-ietf-dcrup-dkim-crypto/\n\nThe RFC that documents ed25519 DKIM signatures, RFC 8463, has been released\nand dkimpy 0.7 and later are aligned to its requirements.  As of 0.8, ed25519\nneed not be considered experimental.  The dkimpy implementation has\nsuccessfully interoperated with three other implementations and the technical\nparameters for ed25519-sha256 are defined and stable.\n\nTo install from pypi with the required optional depenencies, use the ed25519\noption:\n\n```pip install -e '.[ed25519]'```\n\n## DKIM SCRIPTS\n\nThree helper programs are also supplied: dknewkey, dkimsign and\ndkimverify\n\ndknewkey is s script that produces private and public key pairs suitable\nfor use with DKIM.  Note that the private key file format used for ed25519 is\nnot standardized (there is no standard) and is unique to dkimpy.\n\ndkimsign is a filter that reads an RFC822 message on standard input, and\nwrites the same message on standard output with a DKIM-Signature line\nprepended. The signing options are specified on the command line:\n\ndkimsign selector domain privatekeyfile [identity]\n\nThe identity is optional and defaults to \"@domain\".\n\ndkimverify reads an RFC822 message on standard input, and returns with exit\ncode 0 if the signature verifies successfully. Otherwise, it returns with exit\ncode 1. \n\n## ARC (Authenticated Receive Chain)\n\nAs of version 0.6.0, dkimpy provides experimental support for ARC (Authenticated\nReceived Chain).  See RFC 8617 for the current version of ARC:\n\nhttps://tools.ietf.org/html/rfc8617\n\nIn addition to arcsign and arcverify, the dkim module now provides\narc_sign and arc_verify functions as well as an ARC class.\n\nBoth DKIM ed25519 and ARC are now considered stable (no longer experimantal).\n\n## ASYNC SUPPORT\n\nAs of version 1.0, an alternative to dkim.verify for use in an async\nenvironment is provied.  It requires aiodns, https://pypi.org/project/aiodns/.\nHere is a simple example of dkim.verify_async usage:\n\n```python\n\u003e\u003e\u003e sys.stdin = sys.stdin.detach()\n\u003e\u003e\u003e\n\u003e\u003e\u003e async def main():\n\u003e\u003e\u003e     res = await dkim.verify_async(message)\n\u003e\u003e\u003e     return res\n\u003e\u003e\u003e\n\u003e\u003e\u003e if __name__ == \"__main__\":\n\u003e\u003e\u003e     res = asyncio.run(main())\n```\n\nThis feature requires python3.5 or newer.\n\n## TLSRPT (TLS Report)\n\nAs of version 1.0, the RFC 8460 tlsrpt service type is supported:\n\nhttps://tools.ietf.org/html/rfc8460\n\nA non-tlsrpt signed with a key record with s=tlsrpt won't verify.  Since the\nservice type (s=) is optional in the DKIM public key record, it is not\nrequired by RFC 8460.  When checking for a tlsrpt signature, set the tlsrpt=\nflag when verifying the signature:\n\n```python\n\u003e\u003e\u003e res = dkim.verify(smessage, tlsrpt='strict')\n```\n\nIf tlsrpt='strict', only public key records with s=tlsrpt will be considered\nvalid.  If set to tlsrpt=True, the service type is not required, but other\nRFC 8460 requirements are applied.\n\n# FEEDBACK\n\nBug reports may be submitted to the bug tracker for the dkimpy project on\nlaunchpad.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarsonip%2Fdkimpy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcarsonip%2Fdkimpy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcarsonip%2Fdkimpy/lists"}