Back to libresolv with (hopefully) fixed code on OSX Intel
Version 1.1.9
Rewrote the internal DNS cache code for easier maintenance
Version 1.1.8
Not using libresolv anymore on OSX as it cause problems on OSX Intel.
Updated libdkim engine to v1.0.21
Version 1.1.7
Removed the l= tag from the DKIM signature as the methodology to measure body length is not clear enough and differs from one implementation to another
Version 1.1.6
Fixed: From and Sender headers are not unfold before being matched agains domains.local
Version 1.1.5
Fixed: DKIM signature domain discrepancy on messages containing a Sender and a To header belonging to a different domain
Version 1.1.4
Fixed problems with CRLF on linux which can produce invalid signature
Version 1.1.3
Sign mode is not multithreaded anymore to avoid race conditions when signing big messages. As no DNS operation is involved in sign mode, multithreading is not useful.
New setting to control internal timeout value for DNS operations (--timeout=20)
Version 1.1.2
Moved to a new command-line processor (boost::program_options) for clarity. Compatible with previous command-line syntax.
Version 1.1.1
Updated libdkim engine to v1.0.19
Added -t command-line option to allow trusted messages to be signed
Version 1.1a
Fixed a bug in the domainkeys library and an omission in the dkim library causing the wrong sender policy to be verified for a message bearing both a Sender and a From header but no signature (such as messages passing through the CGP mailing list)
Version 1.1
New: domains.local configuration file, for the filter to decide by itself which messages to sign. Requires SMTP AUTH. This simplifies a lot the CGP rules, especially for servers with several domains.
Old behavior (sign/verify all) still supported when domains.local file is empty or not found
Converted the Readme text file in HTML for readability. Documentation has been reverified entirely.
The private key file is now expected to have a fixed name and to be in the filter directory. The old command-line syntax to specify the private key file is supported for backward compatibility but has been removed from the documentation
Version 1.0.1
Fixed: In rare conditions, messages with CR+LF EOLs can get an invalid signature. This problem should affect Windows installations only
Version 1.0
Fixed: the Received header is sometimes signed by DK
Version 1.0 RC3
Simplified thread management code to avoid platform-specific issues
Removed the -ir option (see v0.80 history). This option is now forced on to avoid problems
New: DKIM support (RFC 4871). Standard domainkeys support continues, even if RFC 4870 is considered obsolete.
New header to simplify dk rules: X-DK-Recommendation: {pass|fail}
Version 0.84
Fixed the dns procedure. The one in v0.83 didn't always give the expected results
Fixed the threading code on Windows
Version 0.83
Rewrote the dns procedure - better compatibility with libresolv.so.2 on some platforms
FreeBSD build is now created on FreeBSD 6. Contact us if you need to run it on FreeBSD 5.5
Version 0.82
Ported to x64 architecture (x64 builds are considered beta)
Fixed the timeout-waiting thread implementation on Windows
Version 0.81
Fixed a possible crash when the From: header is present but empty - bug is due to a missed case in the reference implementation
Version 0.80
Added a command-line option to make the signature process ignore the Received: fields. This allow the use of the 'Hide Received Fields' feature in Communigate Pro (SMTP/Sending)
Version 0.79
Fixed (reference implementation): backward-compatibility mode is not backward-compatible anymore, causing interop problems with some MTA using old, broken implementations of DK
Version 0.78
New: Internal detection of dns and thread timeouts (Be sure to set CGP timeout value to 2 minutes or more)
Fixed: Small memory overrun causing segfaults on some configurations
Version 0.77
Fixed: Uninitialized data can cause segfaults (bug in libdomainkeys)
Fixed: Thread cleanup is not aggressive enough and can cause resources leaks
Version 0.76
Fixed: The helper may crash when it gets several requests at the same time (bug in libdomainkeys)
Version 0.75
Using libdomainkeys-0.66
Fixed a memory leak when signing
Added solaris-i386 to the package
Version 0.7
Using libdomainkeys-0.65, and a lot of new points from the DomainKeys draft v0.2
Changed DomainKeys-Status: for Authentication-Results: header (http://www.ietf.org/internet-drafts/draft-kucherawy-sender-auth-header-02.txt)
Version 0.65
Using latest changes from the reference implementation
Fixed interoperability with Yahoo! Mail.
Version 0.6
Fixed: Message signature is invalid when multiple header fields with the same name are present and these headers don't follow each other.
Fixed a small memory leak
Version 0.5
Fixed: If a sign-all domain send a message to to a mailing list, and this mailing list resend the message (stripping the DomainKeys-Signature header but adding a Sender: header), the received message is incorrectly marked as BAD because of a bug in the open-source library.
Some clarification in the documentation
Version 0.4
Fixed: DomainKeys-Win32 can crash if the domain return a CNAME. Should not happen, it's against some RFC, but it happens with spammers domains
Fixed: The Policy is fetched from an incorrect domain name (bug in libdomainkeys)
Version 0.3
Added Domain Policy support for incoming messages
Added Testing mode support for incoming messages
Revamped the headers added by the Verify filter to follow the Internet Draft
Updated the README file with new data
Added the MISSING file for things that are missing from this filter
Version 0.2
The filter now adds the "h" field to the signature, this to avoid problems with MTA adding headers AFTER the current ones, once the message is already signed
The headers are now "folded" to 100 characters
Version 0.1a
Removed dknewkeys, included a perl script that does a better job to create new keys