DKIM Verifier Version History

49 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 5.4.0 1.5 MiB Works with Thunderbird 91.0 - 132.*

Enhancements
  • Added support for using the Brand Indicators for Message Identification (BIMI) when showing favicons is enabled (#242).
  • Added the possibility to show a favicon for a specific From address or AUID (#107).
  • Don't save DKIM results that contain a temporary error.
  • Show proper error message if parsing of a message failed.
  • Show DKIM label if "Hide labels column" is enabled.
  • Authentication-Results header: if reading of non RFC compliant ARHs is enabled, a `:` in a property value is now allowed without the value being in a quoted-string.
  • Authentication-Results header: don't restrict result keyword for unknown methods.
Fixes
  • Fixed signature verification if a signed header contains a non ASCII character.
  • Fixed support for Thunderbird Conversations add-on in Thunderbird 115 and later (#395).
  • Libunbound resolver: Fixed using a relative path to the profile directory in Thunderbird 115 and later (#385).
Other
  • Added Polish translation (by dMbski) (#392).
  • Options navigation is now flat.
  • Updated default rules and favicons (#387, #393, #399).

Version 5.3.1 1.4 MiB Works with Thunderbird 91.0 - 123.*

Fixes
  • Fixed incompatibility with Thunderbird 115 if no preferences exist, e.g. a new installation.

Version 5.3.0 1.4 MiB Works with Thunderbird 91.0 - 115.*

Enhancements
  • Fixed incompatibility with Thunderbird 115 (#364).
  • Support the offline mode of Thunderbird.
    No DNS queries are done if Thunderbird is in the offline mode (#129).
  • JSDNS: Support IPv6 addresses (#363)
  • JSDNS: Improved how the addon behaves if all DNS servers were not reachable.
    By default the addon will now try them again instead of getting in a state there all further DNS queries will fail (#269).
    If getting DNS servers from OS configuration is enabled, they will now also be read from the OS again (#90).
Other
  • Updated default rules and favicons (#365).

Version 5.2.0 1.4 MiB Works with Thunderbird 91.0 - 114.0

Enhancements

- Extract the received time from the last Received header and use it as the verification time (#336).
- Fixed incompatibility with Thunderbird 113 (#352).

Fixes

- Fixed extension not working for attached or external messages (#216).
Requires Thunderbird 106 or later.
- Fixed empty tags being treated as ill-formed. This e.g. fixes revoked DKIM keys.
- Fixed tooltip for From header in Thunderbird 102 or newer (#311).
- Fixed missing body resulting in internal error (#347).

Other

- Added Traditional Chinese translation (by NightFeather) (#335).
- Updated default rules and favicons (#334, #337).

Version 5.1.1 1.1 MiB Works with Thunderbird 91.0 - 109.0

Fixes

- Invalid Reply-To header is now ignored instead of resulting in internal error.

Other

- updated default rules and favicons (#323, #326, #327)

Version 5.1.0 1.1 MiB Works with Thunderbird 91.0 - 105.0

Enhancements

- Added heuristic to detect maliciously added unsigned headers (#102).
- Configurable option to warn about unsigned headers that are recommended to be signed (#102, #277).
- Improved theming of header icon in Thunderbird 102.
- Authentication-Results header: Prefer to show failure results that include a reason and are related to the sending domain (#247).

Fixes

- Fixed error when opening messages in a new window in Thunderbird 102.

Other

- updated default rules and favicons

Version 5.0.0 1.1 MiB Works with Thunderbird 91.0 - 104.0

Breaking Changes

- now requires at least Thunderbird 91

Enhancements

- fixed incompatibility with Thunderbird 102 (#306, #312)
- Added support for signing algorithm Ed25519-SHA256 (RFC 8463) (#142)
- JSDNS: fixed incompatibility with Thunderbird 101 (#303)
- Authentication-Results header: check sign algorithm used for DKIM (RFC 8601) (#219)

Fixes

- fixed multiple from addresses being treated as ill-formed (#304)

Other

- updated default rules and favicons

Version 4.1.1 1.0 MiB Works with Thunderbird 78.0 - 100.0

- fixed blank line in header if email does not contain DKIM signature (Thunderbird 97) (#293)
- fixed some dialog windows being to small (#296)
- fixed header spanning multiple lines possibly being cropped at the bottom
- fixed wrapping of header in Thunderbird 99
- added Ukrainian translation (by lexxai) (#297)

Version 4.1.0 1019.4 KiB Works with Thunderbird 78.0 - 100.0

- fixed incompatibility with Thunderbird 96 (#279)
- Re-added support for Thunderbird Conversations add-on (#203)
- show proper error message on ill-formed from (#238)
- ignore ill-formed List-Id (#262) and fix parsing of List-Id
- Authentication-Results header: fixed sorting of DKIM results in regards to list id
- fixed options styling for Thunderbird 91
- added Brazilian Portuguese translation (by David BrazSan) (#283)
- Add ability to export/import sign rules (#220)
- Fix layout issues in table views (Sign rules / stored keys) (#248)
- updated default rules and favicons (#263, #266, #274, #281, #284)

Version 4.0.0 952.1 KiB Works with Thunderbird 78.0 - 95.0

- now requires at least Thunderbird 78
- fixed incompatibility with Thunderbird 78 (#199)
- removed option to show DKIM result in the statusbarpanel
- Authentication-Results header: fixed parsing of version
- Authentication-Results header: fixed parsing of quoted SDID and AUID (#229, #234)
- Authentication-Results header: fixed missing reason on fail resulting in error (#232)
- libunbound resolver: Don't provide a default path (#199)
- libunbound resolver: Improve options description (#199)
- added about page in options
- added incomplete Swedish translation (by Phoenix)
- added Spanish translation (by Peter O Brien) (#239)
- updated default rules and favicons (#208, #209, #210)

Changes since v4.0.0pre4:

- fixed incompatibility with Thunderbird 89
- Update translations
- added Spanish translation (by Peter O Brien) (#239)
- Migrated storing of DKIM keys
- Sign rules: Migrated DMARC heuristic
- Migrated DKIM actions in the header
- Authentication-Results header: fixed parsing of quoted SDID and AUID (#229, #234)
- Authentication-Results header: fixed missing reason on fail resulting in error (#232)
- Improve parsing of From address, now supporting parts of the obsolete Syntax (#235)
- updated default rules and favicons

Version 4.0.0pre4 880.3 KiB Works with Thunderbird 78.0 - 95.0

- now requires at least Thunderbird 78
- fixed incompatibility with Thunderbird 78 (#199)
- removed option to show DKIM result in the statusbarpanel
- Authentication-Results header: fixed parsing of version
- libunbound resolver: Don't provide a default path
- libunbound resolver: Improve options description
- added about page in options
- updated default rules and favicons (#208, #209, #210)

Changes since v4.0.0pre3:

- Don't provide a default libunbound path
- Sign rules: Special treatment of outgoing messages now supported
- Fixed relaxed ARH parsing option (#221)
- Fixed backtracking issues in parsing of from header, resulting in `InternalError: too much recursion`
- Fixed options page not correctly working if it was already open on start
- Add about page
- updated default rules and favicons (#209)

Current limitations:

- Storing of DKIM keys not implemented
- Sign rules: DMARC heuristic not implemented
- DKIM action in the header not implemented

Removed:

- Option to show DKIM result in the statusbarpanel

Version 4.0.0pre3 859.0 KiB Works with Thunderbird 78.0 - 95.0

- now requires at least Thunderbird 78
- fixed incompatibility with Thunderbird 78 (#199)
- removed option to show DKIM result in the statusbarpanel
- Authentication-Results header: fixed parsing of version

Known issues:

- Storing of DKIM keys not implemented
- Sign rules: DMARC heuristic not implemented
- Sign rules: Special treatment of outgoing messages not implemented
- DKIM action in the header not implemented

Removed:

- Option to show DKIM result in the statusbarpanel

Version 3.1.0 865.3 KiB Works with Thunderbird 68.0 - 73.0

- fix default rules and favicons (#197)
- includes changes from 2.2.0:
- Authentication-Results header: fix relaxed parsing option and trailing ";"
- exposed option on how to treat weak keys. Default is now ignore (was warning since 2.1.0) (#174)
- fixed default text color for unsigned e-mail in dark theme if highlighting of From header is enabled (#181)
- libunbound resolver: add ability to explicitly load dependencies of libunbound (#170, #179)
- updated default rules and favicons (#165, #168, #169, #180)

Version 2.2.0 867.1 KiB Works with Thunderbird 52.0 - 60.*

- Authentication-Results header: fix relaxed parsing option and trailing ";"
- exposed option on how to treat weak keys. Default is now ignore (was warning since 2.1.0) (#174)
- fixed default text color for unsigned e-mail in dark theme if highlighting of From header is enabled (#181)
- libunbound resolver: add ability to explicitly load dependencies of libunbound (#170, #179)
- updated default rules and favicons (#165, #168, #169, #180)

Version 3.0.1 688.5 KiB Works with Thunderbird 68.0 - 73.0

- fixed incompatibility with Thunderbird 70 (#167)
- fixed DKIM status not visible when a message is opened in a new window (#172)
- fixed incompatibility with CompactHeader add-on (#177)
- JSDNS: fixed proxy support (#173)

Version 3.0.0 688.1 KiB Works with Thunderbird 68.0 - 73.0

- now requires at least Thunderbird 68
- fixed incompatibility with Thunderbird 68/69
- libunbound resolver: remove old root trust anchor (key tag 19036)

Version 2.1.0 690.4 KiB Works with Thunderbird 52.0 - 60.*

- Cryptographic Algorithm and Key Usage Update (RFC 8301)
- updated default rules and favicons
- added Hungarian translation (by Óvári)

Version 2.0.1 555.4 KiB Works with Thunderbird 52.0 - 60.*

- fixed signature verification in case the RSA key has an odd key length
- fixed DMARC heuristic
- fixed "*" not being recognized as valid Service Type in DKIM Keys
- changed update DKIM key button to now update the keys of all DKIM signatures in the e-mail
- Authentication-Results header: fixed mixed case results specified by older SPF specs resulting in a parsing error
- JSDNS: fixed a problem getting the default DNS servers on Windows
- JSDNS: reduced default DNS server timeout from 10 to 5 seconds
- updated included third-party libraries
- updated default rules and favicons

Version 2.0.0 509.3 KiB Works with Thunderbird 52.0 - 60.*

- now requires at least Thunderbird 52
- added toolbar button and menuitem for sign rules
- added option to try to read non RFC compliant Authentication-Results header
- fixed incompatibility with Thunderbird 57/59/60
- fixed favicons not being shown if the CardBook add-on is installed
- fixed "Add must be signed exception" button being disabled if wrong signer is only a warning
- updated default rules and favicons

Version 1.7.0 458.4 KiB Works with Thunderbird 17.0 - 52.*

- libunbound resolver: added ability to specify multiple DNSSEC trust anchors
- libunbound resolver: added new DNSSEC root trust anchor (key tag 20326)
- updated default rules and favicons

Version 1.6.5 443.7 KiB Works with Thunderbird 17.0 - 52.*

- added Japanese translation (by SAKURAI Kenichi)
- updated default rules

Version 1.6.4 435.3 KiB Works with Thunderbird 17.0 - 52.*

- fixed saving of result with DNSSEC lock enabled
- fixed incompatibility with Thunderbird 52 and libunbound
- updated default rules and favicons

Version 1.6.3 430.3 KiB Works with Thunderbird 17.0 - 52.0

- fixed incompatibility with Thunderbird 52
- updated default rules and favicons

Version 1.6.2 423.3 KiB Works with Thunderbird 17.0 - 46.*

- fixed incompatibility with Silvermel/Charamel
- fixed Problem with copied header fields
- updated default rules and favicons

Version 1.6.1 422.4 KiB Works with Thunderbird 17.0 - 46.*

- fixed problem with old Thunderbird versions and sign rules

Version 1.6.0 422.4 KiB Works with Thunderbird 45.0 - 46.*

- added option to indicate successful DNSSEC validation with a lock (enabled by default)
- added option to show the favicon of some known signing domains (enabled by default)
- added option to show the ARH result alongside the add-ons, instead of replacing it
- JSDNS: differentiate between a server error and an non existing DKIM key
- sign rules: ignore must be signed for outgoing messages
- sign rules: updated default rules
- fixed updating a DKIM key or marking it as secure via the "Other Actions" button

Version 1.5.1 185.1 KiB Works with Thunderbird 17.0 - 46.*

- fixed verification for external messages
- sign rules: updated default rules

Version 1.5.0 184.9 KiB Works with Thunderbird 17.0 - 46.*

- added option to enable/disable DKIM verification for each account
- JavaScript DNS library: added support to use a proxy
- sign rules: updated default rules (added firefox.com)
- DKIM key: empty, but existing DNS record is now treated as a missing key instead as an ill-formed one
- fixed installing problem if extensions.getAddons.cache.enabled is set to false (https://bugzilla.mozilla.org/show_bug.cgi?id=1187725)

Version 1.4.1 183.6 KiB Works with Thunderbird 17.0 - 46.*

- fixed incompatibility with Thunderbird 46
- Authentication-Results header: fixed trusting all authentication servers

Version 1.4.0 183.5 KiB Works with Thunderbird 17.0 - 40.*

- simplified shown error reasons and added advanced option for detailed reasons
- Authentication-Results header: reading of the ARH can now be set for each account
- Authentication-Results header: added option to only trust specific authentication servers
- Authentication-Results header: continue verification if there is no DKIM result in the ARH header
- Authentication-Results header: allow also unknown property types to be compliant with RFC 7601
- Authentication-Results header: fixed bug if ARH header exists, but no message authentication was done
- JavaScript DNS library: no longer get the DNS servers from deactivated interfaces under windows
- libunbound resolver: no longer blocks the UI of Thunderbird
- libunbound resolver: changing preferences no longer needs a restart