mailauth 4.8.5 → 4.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +21 -0
- package/lib/arc/index.js +1 -1
- package/lib/arc/trustlist.js +19 -3
- package/lib/bimi/index.js +5 -2
- package/lib/tools.js +1 -1
- package/package.json +3 -3
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,26 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [4.9.0](https://github.com/postalsys/mailauth/compare/v4.8.6...v4.9.0) (2025-08-21)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Features
|
|
7
|
+
|
|
8
|
+
* added `forwardemail.net` to ARC trusted list ([#86](https://github.com/postalsys/mailauth/issues/86)) ([8cb577b](https://github.com/postalsys/mailauth/commit/8cb577b5cceaf0a61f02744811ad2f9533550032))
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
### Bug Fixes
|
|
12
|
+
|
|
13
|
+
* expose verifyASChain ([#89](https://github.com/postalsys/mailauth/issues/89)) ([cd11d85](https://github.com/postalsys/mailauth/commit/cd11d851f3c8cea125209676f3ba26676c700c5b))
|
|
14
|
+
* ZMS-246: add required policy headers in BIMI for Apple Mail ([#92](https://github.com/postalsys/mailauth/issues/92)) ([f6b3008](https://github.com/postalsys/mailauth/commit/f6b300837f9453877386ce3e76aff80fee01d913))
|
|
15
|
+
|
|
16
|
+
## [4.8.6](https://github.com/postalsys/mailauth/compare/v4.8.5...v4.8.6) (2025-05-26)
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
### Bug Fixes
|
|
20
|
+
|
|
21
|
+
* **ARC:** Updated built-in trust list for ARC ([ea9fc8c](https://github.com/postalsys/mailauth/commit/ea9fc8c6f8c5609b66053f1ffe95891c0b4efcb7))
|
|
22
|
+
* use minLength option for rsa keys ([#84](https://github.com/postalsys/mailauth/issues/84)) ([cbfed81](https://github.com/postalsys/mailauth/commit/cbfed816d953eee3c7eed99055c53f689a46a101))
|
|
23
|
+
|
|
3
24
|
## [4.8.5](https://github.com/postalsys/mailauth/compare/v4.8.4...v4.8.5) (2025-05-11)
|
|
4
25
|
|
|
5
26
|
|
package/lib/arc/index.js
CHANGED
|
@@ -532,4 +532,4 @@ const sealMessage = async (input, seal) => {
|
|
|
532
532
|
return headers.length ? Buffer.from(headers.join('\r\n') + '\r\n') : Buffer.from('');
|
|
533
533
|
};
|
|
534
534
|
|
|
535
|
-
module.exports = { getARChain, arc, createSeal, sealMessage };
|
|
535
|
+
module.exports = { getARChain, verifyASChain, arc, createSeal, sealMessage };
|
package/lib/arc/trustlist.js
CHANGED
|
@@ -2,13 +2,29 @@
|
|
|
2
2
|
|
|
3
3
|
module.exports = {
|
|
4
4
|
trusted: [
|
|
5
|
-
//
|
|
5
|
+
// GSuite/Gmail
|
|
6
6
|
'google.com',
|
|
7
7
|
|
|
8
8
|
// O365
|
|
9
9
|
'microsoft.com',
|
|
10
10
|
|
|
11
|
-
//
|
|
12
|
-
'
|
|
11
|
+
// From https://github.com/trusteddomainproject/ARC_Community_Sealers/blob/master/community_sealer_whitelist
|
|
12
|
+
'gmail.com',
|
|
13
|
+
'googlegroups.com',
|
|
14
|
+
'messagingengine.com',
|
|
15
|
+
'pobox.com',
|
|
16
|
+
'topicbox.com',
|
|
17
|
+
'umich.edu',
|
|
18
|
+
'fastmail.com',
|
|
19
|
+
'fastmail.fm',
|
|
20
|
+
'one.com',
|
|
21
|
+
'securemx.jp',
|
|
22
|
+
|
|
23
|
+
// Zone.eu specific
|
|
24
|
+
'zone.eu',
|
|
25
|
+
'teliaklm.ee',
|
|
26
|
+
|
|
27
|
+
// Forward Email
|
|
28
|
+
'forwardemail.net'
|
|
13
29
|
]
|
|
14
30
|
};
|
package/lib/bimi/index.js
CHANGED
|
@@ -177,11 +177,14 @@ const lookup = async data => {
|
|
|
177
177
|
response.status.result = 'pass';
|
|
178
178
|
|
|
179
179
|
if (recordData?.parsed?.l?.value) {
|
|
180
|
-
response.location = recordData
|
|
180
|
+
response.location = recordData.parsed.l.value;
|
|
181
181
|
}
|
|
182
182
|
|
|
183
183
|
if (recordData?.parsed?.a?.value) {
|
|
184
|
-
response.authority = recordData
|
|
184
|
+
response.authority = recordData.parsed.a.value;
|
|
185
|
+
|
|
186
|
+
// Apple Mail requires additional policy header values in Authentication-Results header
|
|
187
|
+
response.status.policy = { authority: 'none', 'authority-uri': recordData.parsed.a.value }; // VMC has not been actually checked here yet, so authority is none
|
|
185
188
|
}
|
|
186
189
|
|
|
187
190
|
response.info = formatAuthHeaderRow('bimi', response.status);
|
package/lib/tools.js
CHANGED
|
@@ -317,7 +317,7 @@ const getPublicKey = async (type, name, minBitLength, resolver) => {
|
|
|
317
317
|
|
|
318
318
|
let modulusLength = publicKeyObj.asymmetricKeyDetails.modulusLength;
|
|
319
319
|
|
|
320
|
-
if (keyType === 'rsa' && modulusLength <
|
|
320
|
+
if (keyType === 'rsa' && modulusLength < minBitLength) {
|
|
321
321
|
let err = new Error('RSA key too short');
|
|
322
322
|
err.code = 'ESHORTKEY';
|
|
323
323
|
err.rr = rr;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "mailauth",
|
|
3
|
-
"version": "4.
|
|
3
|
+
"version": "4.9.0",
|
|
4
4
|
"description": "Email authentication library for Node.js",
|
|
5
5
|
"main": "lib/mailauth.js",
|
|
6
6
|
"scripts": {
|
|
@@ -39,7 +39,7 @@
|
|
|
39
39
|
"js-yaml": "4.1.0",
|
|
40
40
|
"license-report": "6.7.2",
|
|
41
41
|
"mbox-reader": "1.2.0",
|
|
42
|
-
"mocha": "11.
|
|
42
|
+
"mocha": "11.5.0",
|
|
43
43
|
"resedit": "^2.0.3"
|
|
44
44
|
},
|
|
45
45
|
"dependencies": {
|
|
@@ -51,7 +51,7 @@
|
|
|
51
51
|
"nodemailer": "7.0.3",
|
|
52
52
|
"punycode.js": "2.3.1",
|
|
53
53
|
"tldts": "7.0.7",
|
|
54
|
-
"undici": "7.
|
|
54
|
+
"undici": "7.10.0",
|
|
55
55
|
"yargs": "17.7.2"
|
|
56
56
|
},
|
|
57
57
|
"engines": {
|