opendkim (2.5.2+dfsg-2) unstable; urgency=low There are a number of optional features newly enabled in this revision. Except for OversignHeaders, none of them are active by default. Enable support for optional oversigning of header fields to prevent malicious parties from adding additional instances of the field. By By default, always oversign From (sign using actual From and a null From to prevent malicious signatures header fields (From and/or others) between the signer and the verifier. From is oversigned by default in the Debian package because it is often the identity key used by reputation systems and thus somewhat security sensitive. Support for RFC 5518 Vouch By Reference (VBR) is available. See opendkim.conf.5 for information about how to enable VBR in opendkim Support for the experimental RFC 6541 DKIM Authorized Third-Party Signatures (ATPS) protocol is also enabled. No signing is performed unless ATPSDomains is set in /etc/opendkim.conf. Verification is always performed Command line tools for various utilty functions are now split out into a new opendkim-tools package -- Scott Kitterman Tue, 10 Apr 2012 00:16:02 -0400 opendkim (2.5.0.1+dfsg-1) unstable; urgency=low There is one backward compatibility issue, referring to the "BodyLengths" setting which has been removed. Instead, see the documentation for "BodyLengthDB". -- Scott Kitterman Wed, 14 Mar 2012 22:34:48 -0400