/go-msgauth

A Go library for DKIM, DMARC and Authentication-Results

Primary LanguageGoMIT LicenseMIT

go-msgauth

godocs.io builds.sr.ht status codecov

A Go library to authenticate e-mails:

DKIM godocs.io

Sign

r := strings.NewReader(mailString)

options := &dkim.SignOptions{
	Domain: "example.org",
	Selector: "brisbane",
	Signer: privateKey,
}

var b bytes.Buffer
if err := dkim.Sign(&b, r, options); err != nil {
	log.Fatal(err)
}

Verify

r := strings.NewReader(mailString)

verifications, err := dkim.Verify(r)
if err != nil {
	log.Fatal(err)
}

for _, v := range verifications {
	if v.Err == nil {
		log.Println("Valid signature for:", v.Domain)
	} else {
		log.Println("Invalid signature for:", v.Domain, v.Err)
	}
}

FAQ

Why can't I verify a mail.Message directly? A mail.Message header is already parsed, and whitespace characters (especially continuation lines) are removed. Thus, the signature computed from the parsed header is not the same as the one computed from the raw header.

How can I publish my public key? You have to add a TXT record to your DNS zone. See RFC 6376 appendix C.

Authentication-Results godocs.io

// Format
results := []authres.Result{
	&authres.SPFResult{Value: authres.ResultPass, From: "example.net"},
	&authres.AuthResult{Value: authres.ResultPass, Auth: "sender@example.com"},
}
s := authres.Format("example.com", results)
log.Println(s)

// Parse
identifier, results, err := authres.Parse(s)
if err != nil {
	log.Fatal(err)
}

log.Println(identifier, results)

DMARC godocs.io

See the GoDoc page.

License

MIT