Good plugin, but... Rated 3 out of 5 stars
Not compatible with ARC (Authenticated Received Chain), used by GMail and others.
But very good plugin!
-- Français --
Non compatible avec le projet ARC (Authenticated Received Chain) qui est utilisé par Gmail, entre autre.
Mais ce plugin reste très utile !
Works perfectly. Rated 5 out of 5 stars
Nice, easy, unobtrusive way to verify a message's DKIM signature.This review is for a previous version of the add-on (1.6.1).
Excellent addon (EN) / Excellente extension (FR) Rated 5 out of 5 stars
DKIM is to email security a little bit like polychrome letterhead for paper mail: it's not the guarantee that the sender is who he claims, but the letter comes very probably from where it claims to be originated.
In this regard, this addon is discrete and effective: it verifies the DKIM signatures when they are present. In my opinion, this really advised security feature should be included in Thunderbird for all users automatically.
DKIM est au courriel ce que le papier à entête en couleur est à la correspondance papier: ce n'est pas une garantie sur l'identité de l'expéditeur, mais c'est une indication que le courrier vient très probablement de là d'où il prétend venir.
Cette extension est discrète et efficace: elle vérifie la signature DKIM lorsqu'elle est présente. Elle contribue ainsi à la confiance numérique et devrait à mon avis être intégrée d'office dans Thunderbird pour tous les utilisateurs.
Excellent Addon Rated 5 out of 5 stars
Provides an easy way to view detailed information about a message's DKIM information and verification. Invaluable if one is diagnosing DKIM message signing and handling.
Re: Nice but beware the default setup on Ubuntu Rated 5 out of 5 stars
I just ran into the same issue as reported by Martin in his review: https://addons.mozilla.org/EN-uS/thunderbird/addon/dkim-verifier/reviews/701478/
I am running DKIM Verifiier 1.3.6, Thunderbird 38.4.0, Fedora 22. Unchecking General:DNS:Get DNS servers from OS configuration fixed it. (Thank you Martin!)
Possibly related, my resolv.conf is constantly being changed by connecting/disconnecting to VPNs.
Thank you Phillippe for this add-on, it should be part of Thunderbird by default!
Fine - but curious problem with own DKIM Rated 3 out of 5 stars
Works perfectly with other domains, where results match with online DKIM verification tools. However, with our own domain (which passes all DKIM online verification tools) it returns the error "Invalid (DKIM key is ill-formed)" on mails sent internally.This review is for a previous version of the add-on (1.3.6).
This is the wrong place to report bugs in the add-on.
Please e-mail me to firstname.lastname@example.org or open a issue at https://github.com/lieser/dkim_verifier/issues.
Needed detail are at least your domain and used selector (to get the DKIM key). Best would be to provide an affected e-mail as a saved .eml file.
Works, albeit it misses a point Rated 3 out of 5 stars
Reading the Authentication-Results header should be the normal behavior, since DKIM was designed to be verified by the receiving server. However, each server should have its own settings and policies (for example, some servers don't bother writing results for failed signatures, since they should be treated as non-existing.)
This add-on highlights those results by reporting them on the message window, along with From:, Subject:, and To:. Kudos for that!
Doing the crypto is good for servers that don't do it themselves, and for manual action. Such late verification may fail for old messages.
Strongly recommended Rated 5 out of 5 stars
Great tool, should be a default feature of Thunderbird!This review is for a previous version of the add-on (1.3.3).
Nice but beware the default setup on Ubuntu Rated 4 out of 5 stars
I had to uncheck the "Use OS DNS servers" setting (loosely translated from French) because on my Ubuntu 14.04 the local cache resolver "dnsmasq" does not answer, as I read in the console :
2015-02-05 18:40:21 DKIM_Verifier.JSDNS INFO Resolving 20120113._domainkey.gmail.com TXT by querying 127.0.1.1
2015-02-05 18:40:21 DKIM_Verifier.JSDNS DEBUG 20120113._domainkey.gmail.com/TXT: No answer, no authority to recurse on. DNS lookup failed.
Once I uncheck this, it works.
Unfortunately I am unable to reproduce this on my Ubuntu 14.04 installation. If you are interested in trying to find the problem please write an e-mail to email@example.com.
Great add-on! Rated 5 out of 5 stars
Nice set of options.
Outstanding personal support from the author.
Rated 5 out of 5 stars
Thank you very much for this addon. I searched for this for a long time.This review is for a previous version of the add-on (1.0.5).
Really useful! Rated 5 out of 5 stars
Really useful to debug server configurations and to be more sure about certain emailsThis review is for a previous version of the add-on (1.0.4).
Rated 5 out of 5 stars
Awesome! Works exactly as advertised. This functionality should be included in Thunderbird by default.This review is for a previous version of the add-on (1.0.3).
Rated 5 out of 5 stars
This is great! As a sysadmin I'm just curious what other domains are using dkim and how. This makes easy to see. I like it even better with the options set to (i) highlighting on, even for unsigned emails (I make 'em pink); (ii) and display-even-when-testing on (many big domains leave testing on, e.g., comcast); (iii) show DKIM header when an email is viewed, so that you affirmatively get a message even for unsigned emails. So I'd move to make those the defaults. Separately, note to the developer since it might be in your skillset, if you created a DMARC filter extension (i.e., send to junk those messages that fail senders DMARC policy) for Thunderbird that would be bomb. It's probably best done by the MTA, but a client side options is always neat to have.This review is for a previous version of the add-on (0.6.0).
Rated 3 out of 5 stars
"DKIM: Message is not an e-mail"
Fixed in version 0.4.3
Could you please provide more information, so I can try to fix this?
Best at https://github.com/lieser/dkim_verifier/issues, http://forums.mozillazine.org/viewtopic.php?f=48&t=2704121 or by e-mail to firstname.lastname@example.org.
Here some of the Information that would be helpful:
Does this happen with every e-mail, or just one?
If you enable debugging in the options, is there an error message that says “Message is not in correct e-mail format”?
If you now how to, can you look in the profile folder which line ending (LF or CR+LF) is used for the e-mail?
I assume you are using version 0.4.2 of this add-on?
If you have an e-mail without personal information in it, to which this happens, it would also be nice if you could save it (right click and “Save as...”, or in the header “Other Actions” and “Save as...”) and send the file to me, so I can test it my self.
But if you answer all additional questions what appear during testing, it's probably not necessary.
Problem fixed in version 0.4.3.
Rated 4 out of 5 stars
Looking forward to a more polished UI. In particular, I'd like it to be visible at all times, and to highlight the "From" email's domain as either green (verified), orange (unsigned) or red (verified-wrong).
Your suggestions are added in version 0.4.0. If you don't mind installing a unreviewed version, you can download it already from https://addons.mozilla.org/addon/dkim-verifier/versions/