Skip to content

rust

7 posts with the tag “rust”

DKIM2 and DMARCbis have landed, and Stalwart speaks them first

Email authentication just took its biggest step in a decade. DKIM2 rebuilds DKIM around a verifiable chain of custody that survives forwarding, stops replay, and makes bounces provable, while DMARCbis trades the Public Suffix List for a live DNS tree walk and writes a decade of operational lessons back into the spec. Both are now fully implemented in Stalwart v0.16.12, the first mail server to support them, and both can be tested straight from the browser at the mail-auth playground.

DKIM, ARC, SPF and DMARC authentication in Rust

Today the mail-auth library was released, which is an e-mail authentication and reporting library written in Rust that supports the DKIM, ARC, SPF and DMARC protocols. It is the Rust equivalent of OpenDKIM, OpenSPF, OpenARC and OpenDMARC combined in one library (as well as some extras such ARF support). mail-auth includes the following features:

  • DomainKeys Identified Mail (DKIM):
  • ED25519-SHA256 (Edwards-Curve Digital Signature Algorithm), RSA-SHA256 and RSA-SHA1 signing and verification.
  • DKIM Authorized Third-Party Signatures.
  • DKIM failure reporting using the Abuse Reporting Format.
  • Authenticated Received Chain (ARC):
  • ED25519-SHA256 (Edwards-Curve Digital Signature Algorithm), RSA-SHA256 and RSA-SHA1 chain verification.
  • ARC sealing.
  • Sender Policy Framework (SPF):
  • Policy evaluation.
  • SPF failure reporting using the Abuse Reporting Format.
  • Domain-based Message Authentication, Reporting, and Conformance (DMARC):
  • Policy evaluation.
  • DMARC aggregate report parsing and generation.
  • Abuse Reporting Format (ARF):
  • Abuse and Authentication failure reporting.
  • Feedback report parsing and generation.