mymx 0.3.5 → 0.3.7

package/dist/{types-BRl0ogvI.d.cts → types-C8JlcpcT.d.ts}

@@ -466,8 +466,218 @@ interface EmailReceivedEvent {
         score: number;
       };
     };
+    /**
+     * Email authentication results (SPF, DKIM, DMARC).
+     * May be absent if authentication was not performed.
+     */
+    auth?: EmailAuth;
   };
 }
+/**
+ * SPF verification result.
+ *
+ * @see https://datatracker.ietf.org/doc/html/rfc7208
+ */
+type SpfResult = "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+/**
+ * DMARC verification result.
+ *
+ * @see https://datatracker.ietf.org/doc/html/rfc7489
+ */
+type DmarcResult = "pass" | "fail" | "none" | "temperror" | "permerror";
+/**
+ * DMARC policy action specified in the domain's DMARC record.
+ *
+ * - `reject`: The domain owner requests that receivers reject failing emails
+ * - `quarantine`: The domain owner requests that failing emails be treated as suspicious
+ * - `none`: The domain owner is only monitoring (no action requested)
+ * - `null`: No DMARC policy was found for the domain
+ */
+type DmarcPolicy = "reject" | "quarantine" | "none" | null;
+/**
+ * DKIM signature verification result for a single signature.
+ */
+type DkimSignatureResult = "pass" | "fail" | "temperror" | "permerror";
+/**
+ * Details about a single DKIM signature found in the email.
+ *
+ * An email may have multiple DKIM signatures (e.g., one from the sending domain
+ * and one from the ESP). Each signature is verified independently.
+ */
+interface DkimSignature {
+  /**
+   * The domain that signed this DKIM signature (d= tag).
+   * This may differ from the From: domain (that's what alignment checks).
+   */
+  domain: string;
+  /**
+   * The DKIM selector used to locate the public key (s= tag).
+   * Combined with the domain to form the DNS lookup: `selector._domainkey.domain`
+   */
+  selector: string;
+  /**
+   * Verification result for this specific signature.
+   */
+  result: DkimSignatureResult;
+  /**
+   * Whether this signature's domain aligns with the From: domain (for DMARC).
+   *
+   * Alignment can be "strict" (exact match) or "relaxed" (organizational domain match).
+   * For example, if From: is `user@sub.example.com` and DKIM is signed by `example.com`:
+   * - Relaxed alignment: true (same organizational domain)
+   * - Strict alignment: false (not exact match)
+   */
+  aligned: boolean;
+  /**
+   * Key size in bits (e.g., 1024, 2048).
+   * Null if the key size couldn't be determined.
+   */
+  keyBits: number | null;
+  /**
+   * Signing algorithm (e.g., "rsa-sha256", "ed25519-sha256").
+   */
+  algo: string;
+}
+/**
+ * Email authentication results for SPF, DKIM, and DMARC.
+ *
+ * Use `validateEmailAuth()` to compute a verdict based on these results.
+ *
+ * @example
+ * ```typescript
+ * import { handleWebhook, validateEmailAuth } from 'mymx';
+ *
+ * const event = handleWebhook({ body, headers, secret });
+ *
+ * if (event.email.auth) {
+ *   const result = validateEmailAuth(event.email.auth);
+ *   if (result.verdict === 'legit') {
+ *     // Email passed authentication
+ *   }
+ * }
+ * ```
+ */
+interface EmailAuth {
+  /**
+   * SPF verification result.
+   *
+   * SPF checks if the sending IP is authorized by the envelope sender's domain.
+   * "pass" means the IP is authorized; "fail" means it's explicitly not allowed.
+   */
+  spf: SpfResult;
+  /**
+   * DMARC verification result.
+   *
+   * DMARC passes if either SPF or DKIM passes AND aligns with the From: domain.
+   * "pass" means the email is authenticated according to the sender's policy.
+   */
+  dmarc: DmarcResult;
+  /**
+   * DMARC policy from the sender's DNS record.
+   *
+   * - `reject`: Domain wants receivers to reject failing emails
+   * - `quarantine`: Domain wants failing emails marked as suspicious
+   * - `none`: Domain is monitoring only (no action requested)
+   * - `null`: No DMARC record found for this domain
+   */
+  dmarcPolicy: DmarcPolicy;
+  /**
+   * The organizational domain used for DMARC lookups.
+   *
+   * For example, if the From: address is `user@mail.example.com`, the DMARC
+   * lookup checks `_dmarc.mail.example.com`, then falls back to `_dmarc.example.com`.
+   * This field shows which domain's policy was used.
+   */
+  dmarcFromDomain: string | null;
+  /**
+   * Whether SPF aligned with the From: domain for DMARC purposes.
+   *
+   * True if the envelope sender domain matches the From: domain (per alignment mode).
+   */
+  dmarcSpfAligned: boolean;
+  /**
+   * Whether DKIM aligned with the From: domain for DMARC purposes.
+   *
+   * True if at least one DKIM signature's domain matches the From: domain.
+   */
+  dmarcDkimAligned: boolean;
+  /**
+   * Whether DMARC SPF alignment mode is strict.
+   *
+   * - `true`: Strict alignment required (exact domain match)
+   * - `false`: Relaxed alignment allowed (organizational domain match)
+   * - `null`: No DMARC record found
+   */
+  dmarcSpfStrict: boolean | null;
+  /**
+   * Whether DMARC DKIM alignment mode is strict.
+   *
+   * - `true`: Strict alignment required (exact domain match)
+   * - `false`: Relaxed alignment allowed (organizational domain match)
+   * - `null`: No DMARC record found
+   */
+  dmarcDkimStrict: boolean | null;
+  /**
+   * All DKIM signatures found in the email with their verification results.
+   *
+   * May be empty if no DKIM signatures were present.
+   */
+  dkimSignatures: DkimSignature[];
+}
+/**
+ * Overall verdict from email authentication validation.
+ *
+ * - `legit`: Strong evidence the email is authentic
+ * - `suspicious`: Evidence suggests the email may be spoofed
+ * - `unknown`: Not enough information to determine authenticity
+ */
+type AuthVerdict = "legit" | "suspicious" | "unknown";
+/**
+ * Confidence level for the authentication verdict.
+ *
+ * - `high`: Strong cryptographic evidence (DKIM aligned + DMARC pass)
+ * - `medium`: Good evidence but with caveats (SPF-only alignment)
+ * - `low`: Weak evidence (missing authentication or unclear results)
+ */
+type AuthConfidence = "high" | "medium" | "low";
+/**
+ * Result of validating email authentication.
+ *
+ * @example
+ * ```typescript
+ * const result = validateEmailAuth(event.email.auth);
+ *
+ * switch (result.verdict) {
+ *   case 'legit':
+ *     console.log('Email is authenticated');
+ *     break;
+ *   case 'suspicious':
+ *     console.log('Email may be spoofed:', result.reasons.join(', '));
+ *     break;
+ *   case 'unknown':
+ *     console.log('Cannot verify authenticity');
+ *     break;
+ * }
+ * ```
+ */
+interface ValidateEmailAuthResult {
+  /**
+   * Overall authentication verdict.
+   */
+  verdict: AuthVerdict;
+  /**
+   * Confidence level for this verdict.
+   */
+  confidence: AuthConfidence;
+  /**
+   * Human-readable reasons explaining the verdict.
+   *
+   * For `legit`: what authentication checks passed
+   * For `suspicious`: what failed or is concerning
+   * For `unknown`: why we couldn't determine authenticity
+   */
+  reasons: string[];
+}
 /**
  * Represents a webhook event type not yet supported by this SDK version.
  *
@@ -517,4 +727,4 @@ type WebhookEvent = KnownWebhookEvent | UnknownEvent;
  * Possible values for the `status` field in {@link ParsedData}.
  */
 type ParsedStatus = "complete" | "failed"; //#endregion
-export { EmailAddress, EmailReceivedEvent, KnownWebhookEvent, ParsedData, ParsedDataComplete, ParsedDataFailed, ParsedError, ParsedStatus, RawContent, RawContentDownloadOnly, RawContentInline, UnknownEvent, WEBHOOK_VERSION, WebhookAttachment, WebhookEvent };
+export { AuthConfidence, AuthVerdict, DkimSignature, DkimSignatureResult, DmarcPolicy, DmarcResult, EmailAddress, EmailAuth, EmailReceivedEvent, KnownWebhookEvent, ParsedData, ParsedDataComplete, ParsedDataFailed, ParsedError, ParsedStatus, RawContent, RawContentDownloadOnly, RawContentInline, SpfResult, UnknownEvent, ValidateEmailAuthResult, WEBHOOK_VERSION as WEBHOOK_VERSION$1, WebhookAttachment, WebhookEvent };

package/dist/{zod-Ced9Kav9.js → zod-CalKEwR4.js}

@@ -73,6 +73,52 @@ const rawContentDownloadOnlySchema = z.object({
 	sha256: sha256Schema
 });
 const rawContentSchema = z.discriminatedUnion("included", [rawContentInlineSchema, rawContentDownloadOnlySchema]);
+const spfResultSchema = z.enum([
+	"pass",
+	"fail",
+	"softfail",
+	"neutral",
+	"none",
+	"temperror",
+	"permerror"
+]);
+const dmarcResultSchema = z.enum([
+	"pass",
+	"fail",
+	"none",
+	"temperror",
+	"permerror"
+]);
+const dmarcPolicySchema = z.enum([
+	"reject",
+	"quarantine",
+	"none"
+]).nullable();
+const dkimSignatureResultSchema = z.enum([
+	"pass",
+	"fail",
+	"temperror",
+	"permerror"
+]);
+const dkimSignatureSchema = z.object({
+	domain: z.string(),
+	selector: z.string(),
+	result: dkimSignatureResultSchema,
+	aligned: z.boolean(),
+	keyBits: z.number().int().positive().max(16384).nullable(),
+	algo: z.string()
+});
+const emailAuthSchema = z.object({
+	spf: spfResultSchema,
+	dmarc: dmarcResultSchema,
+	dmarcPolicy: dmarcPolicySchema,
+	dmarcFromDomain: z.string().nullable(),
+	dmarcSpfAligned: z.boolean(),
+	dmarcDkimAligned: z.boolean(),
+	dmarcSpfStrict: z.boolean().nullable(),
+	dmarcDkimStrict: z.boolean().nullable(),
+	dkimSignatures: z.array(dkimSignatureSchema)
+});
 const emailReceivedEventSchema = z.object({
 	id: z.string(),
 	event: z.literal("email.received"),
@@ -105,7 +151,8 @@ const emailReceivedEventSchema = z.object({
 			})
 		}),
 		parsed: parsedDataSchema,
-		analysis: z.object({ spamassassin: z.object({ score: z.number() }) }).optional()
+		analysis: z.object({ spamassassin: z.object({ score: z.number() }) }).optional(),
+		auth: emailAuthSchema.optional()
 	})
 });
 /**
@@ -160,6 +207,22 @@ const FIELD_DESCRIPTIONS = {
 	"email.analysis": "email analysis results",
 	"email.analysis.spamassassin": "SpamAssassin analysis",
 	"email.analysis.spamassassin.score": "spam score",
+	"email.auth": "email authentication results",
+	"email.auth.spf": "SPF verification result",
+	"email.auth.dmarc": "DMARC verification result",
+	"email.auth.dmarcPolicy": "DMARC policy",
+	"email.auth.dmarcFromDomain": "DMARC organizational domain",
+	"email.auth.dmarcSpfAligned": "SPF DMARC alignment",
+	"email.auth.dmarcDkimAligned": "DKIM DMARC alignment",
+	"email.auth.dmarcSpfStrict": "SPF alignment mode",
+	"email.auth.dmarcDkimStrict": "DKIM alignment mode",
+	"email.auth.dkimSignatures": "DKIM signature list",
+	"email.auth.dkimSignatures.*.domain": "DKIM signing domain",
+	"email.auth.dkimSignatures.*.selector": "DKIM selector",
+	"email.auth.dkimSignatures.*.result": "DKIM verification result",
+	"email.auth.dkimSignatures.*.aligned": "DKIM alignment status",
+	"email.auth.dkimSignatures.*.keyBits": "DKIM key size",
+	"email.auth.dkimSignatures.*.algo": "DKIM signing algorithm",
 	"email.parsed.attachments.*.filename": "attachment filename",
 	"email.parsed.attachments.*.content_type": "attachment content type",
 	"email.parsed.attachments.*.size_bytes": "attachment size",
@@ -309,4 +372,4 @@ function safeValidateEmailReceivedEvent(input) {
 }
 
 //#endregion
-export { emailAddressSchema, emailReceivedEventSchema, parsedDataCompleteSchema, parsedDataFailedSchema, parsedDataSchema, parsedErrorSchema, rawContentDownloadOnlySchema, rawContentInlineSchema, rawContentSchema, safeValidateEmailReceivedEvent, validateEmailReceivedEvent, webhookAttachmentSchema };
+export { dkimSignatureResultSchema, dkimSignatureSchema, dmarcPolicySchema, dmarcResultSchema, emailAddressSchema, emailAuthSchema, emailReceivedEventSchema, parsedDataCompleteSchema, parsedDataFailedSchema, parsedDataSchema, parsedErrorSchema, rawContentDownloadOnlySchema, rawContentInlineSchema, rawContentSchema, safeValidateEmailReceivedEvent, spfResultSchema, validateEmailReceivedEvent, webhookAttachmentSchema };

package/dist/zod.d.ts

@@ -1,4 +1,4 @@
-import { EmailReceivedEvent } from "./types-DJTmrgCz.js";
+import { EmailReceivedEvent } from "./types-C8JlcpcT.js";
 import { WebhookValidationError$1 as WebhookValidationError, WebhookValidationErrorCode } from "./errors-CSPHzZB_.js";
 import { z } from "zod";
 
@@ -547,6 +547,98 @@ declare const rawContentSchema: z.ZodDiscriminatedUnion<"included", [z.ZodObject
   max_inline_bytes: number;
   reason_code: "size_exceeded";
 }>]>;
+declare const spfResultSchema: z.ZodEnum<["pass", "fail", "softfail", "neutral", "none", "temperror", "permerror"]>;
+declare const dmarcResultSchema: z.ZodEnum<["pass", "fail", "none", "temperror", "permerror"]>;
+declare const dmarcPolicySchema: z.ZodNullable<z.ZodEnum<["reject", "quarantine", "none"]>>;
+declare const dkimSignatureResultSchema: z.ZodEnum<["pass", "fail", "temperror", "permerror"]>;
+declare const dkimSignatureSchema: z.ZodObject<{
+  domain: z.ZodString;
+  selector: z.ZodString;
+  result: z.ZodEnum<["pass", "fail", "temperror", "permerror"]>;
+  aligned: z.ZodBoolean;
+  keyBits: z.ZodNullable<z.ZodNumber>;
+  algo: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+  domain: string;
+  selector: string;
+  result: "pass" | "fail" | "temperror" | "permerror";
+  aligned: boolean;
+  keyBits: number | null;
+  algo: string;
+}, {
+  domain: string;
+  selector: string;
+  result: "pass" | "fail" | "temperror" | "permerror";
+  aligned: boolean;
+  keyBits: number | null;
+  algo: string;
+}>;
+declare const emailAuthSchema: z.ZodObject<{
+  spf: z.ZodEnum<["pass", "fail", "softfail", "neutral", "none", "temperror", "permerror"]>;
+  dmarc: z.ZodEnum<["pass", "fail", "none", "temperror", "permerror"]>;
+  dmarcPolicy: z.ZodNullable<z.ZodEnum<["reject", "quarantine", "none"]>>;
+  dmarcFromDomain: z.ZodNullable<z.ZodString>;
+  dmarcSpfAligned: z.ZodBoolean;
+  dmarcDkimAligned: z.ZodBoolean;
+  dmarcSpfStrict: z.ZodNullable<z.ZodBoolean>;
+  dmarcDkimStrict: z.ZodNullable<z.ZodBoolean>;
+  dkimSignatures: z.ZodArray<z.ZodObject<{
+    domain: z.ZodString;
+    selector: z.ZodString;
+    result: z.ZodEnum<["pass", "fail", "temperror", "permerror"]>;
+    aligned: z.ZodBoolean;
+    keyBits: z.ZodNullable<z.ZodNumber>;
+    algo: z.ZodString;
+  }, "strip", z.ZodTypeAny, {
+    domain: string;
+    selector: string;
+    result: "pass" | "fail" | "temperror" | "permerror";
+    aligned: boolean;
+    keyBits: number | null;
+    algo: string;
+  }, {
+    domain: string;
+    selector: string;
+    result: "pass" | "fail" | "temperror" | "permerror";
+    aligned: boolean;
+    keyBits: number | null;
+    algo: string;
+  }>, "many">;
+}, "strip", z.ZodTypeAny, {
+  spf: "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+  dmarc: "pass" | "fail" | "none" | "temperror" | "permerror";
+  dmarcPolicy: "none" | "reject" | "quarantine" | null;
+  dmarcFromDomain: string | null;
+  dmarcSpfAligned: boolean;
+  dmarcDkimAligned: boolean;
+  dmarcSpfStrict: boolean | null;
+  dmarcDkimStrict: boolean | null;
+  dkimSignatures: {
+    domain: string;
+    selector: string;
+    result: "pass" | "fail" | "temperror" | "permerror";
+    aligned: boolean;
+    keyBits: number | null;
+    algo: string;
+  }[];
+}, {
+  spf: "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+  dmarc: "pass" | "fail" | "none" | "temperror" | "permerror";
+  dmarcPolicy: "none" | "reject" | "quarantine" | null;
+  dmarcFromDomain: string | null;
+  dmarcSpfAligned: boolean;
+  dmarcDkimAligned: boolean;
+  dmarcSpfStrict: boolean | null;
+  dmarcDkimStrict: boolean | null;
+  dkimSignatures: {
+    domain: string;
+    selector: string;
+    result: "pass" | "fail" | "temperror" | "permerror";
+    aligned: boolean;
+    keyBits: number | null;
+    algo: string;
+  }[];
+}>;
 declare const emailReceivedEventSchema: z.ZodObject<{
   id: z.ZodString;
   event: z.ZodLiteral<"email.received">;
@@ -914,6 +1006,72 @@ declare const emailReceivedEventSchema: z.ZodObject<{
         score: number;
       };
     }>>;
+    auth: z.ZodOptional<z.ZodObject<{
+      spf: z.ZodEnum<["pass", "fail", "softfail", "neutral", "none", "temperror", "permerror"]>;
+      dmarc: z.ZodEnum<["pass", "fail", "none", "temperror", "permerror"]>;
+      dmarcPolicy: z.ZodNullable<z.ZodEnum<["reject", "quarantine", "none"]>>;
+      dmarcFromDomain: z.ZodNullable<z.ZodString>;
+      dmarcSpfAligned: z.ZodBoolean;
+      dmarcDkimAligned: z.ZodBoolean;
+      dmarcSpfStrict: z.ZodNullable<z.ZodBoolean>;
+      dmarcDkimStrict: z.ZodNullable<z.ZodBoolean>;
+      dkimSignatures: z.ZodArray<z.ZodObject<{
+        domain: z.ZodString;
+        selector: z.ZodString;
+        result: z.ZodEnum<["pass", "fail", "temperror", "permerror"]>;
+        aligned: z.ZodBoolean;
+        keyBits: z.ZodNullable<z.ZodNumber>;
+        algo: z.ZodString;
+      }, "strip", z.ZodTypeAny, {
+        domain: string;
+        selector: string;
+        result: "pass" | "fail" | "temperror" | "permerror";
+        aligned: boolean;
+        keyBits: number | null;
+        algo: string;
+      }, {
+        domain: string;
+        selector: string;
+        result: "pass" | "fail" | "temperror" | "permerror";
+        aligned: boolean;
+        keyBits: number | null;
+        algo: string;
+      }>, "many">;
+    }, "strip", z.ZodTypeAny, {
+      spf: "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+      dmarc: "pass" | "fail" | "none" | "temperror" | "permerror";
+      dmarcPolicy: "none" | "reject" | "quarantine" | null;
+      dmarcFromDomain: string | null;
+      dmarcSpfAligned: boolean;
+      dmarcDkimAligned: boolean;
+      dmarcSpfStrict: boolean | null;
+      dmarcDkimStrict: boolean | null;
+      dkimSignatures: {
+        domain: string;
+        selector: string;
+        result: "pass" | "fail" | "temperror" | "permerror";
+        aligned: boolean;
+        keyBits: number | null;
+        algo: string;
+      }[];
+    }, {
+      spf: "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+      dmarc: "pass" | "fail" | "none" | "temperror" | "permerror";
+      dmarcPolicy: "none" | "reject" | "quarantine" | null;
+      dmarcFromDomain: string | null;
+      dmarcSpfAligned: boolean;
+      dmarcDkimAligned: boolean;
+      dmarcSpfStrict: boolean | null;
+      dmarcDkimStrict: boolean | null;
+      dkimSignatures: {
+        domain: string;
+        selector: string;
+        result: "pass" | "fail" | "temperror" | "permerror";
+        aligned: boolean;
+        keyBits: number | null;
+        algo: string;
+      }[];
+    }>>;
   }, "strip", z.ZodTypeAny, {
     id: string;
     received_at: string;
@@ -1006,6 +1164,24 @@ declare const emailReceivedEventSchema: z.ZodObject<{
         score: number;
       };
     } | undefined;
+    auth?: {
+      spf: "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+      dmarc: "pass" | "fail" | "none" | "temperror" | "permerror";
+      dmarcPolicy: "none" | "reject" | "quarantine" | null;
+      dmarcFromDomain: string | null;
+      dmarcSpfAligned: boolean;
+      dmarcDkimAligned: boolean;
+      dmarcSpfStrict: boolean | null;
+      dmarcDkimStrict: boolean | null;
+      dkimSignatures: {
+        domain: string;
+        selector: string;
+        result: "pass" | "fail" | "temperror" | "permerror";
+        aligned: boolean;
+        keyBits: number | null;
+        algo: string;
+      }[];
+    } | undefined;
   }, {
     id: string;
     received_at: string;
@@ -1098,6 +1274,24 @@ declare const emailReceivedEventSchema: z.ZodObject<{
         score: number;
       };
     } | undefined;
+    auth?: {
+      spf: "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+      dmarc: "pass" | "fail" | "none" | "temperror" | "permerror";
+      dmarcPolicy: "none" | "reject" | "quarantine" | null;
+      dmarcFromDomain: string | null;
+      dmarcSpfAligned: boolean;
+      dmarcDkimAligned: boolean;
+      dmarcSpfStrict: boolean | null;
+      dmarcDkimStrict: boolean | null;
+      dkimSignatures: {
+        domain: string;
+        selector: string;
+        result: "pass" | "fail" | "temperror" | "permerror";
+        aligned: boolean;
+        keyBits: number | null;
+        algo: string;
+      }[];
+    } | undefined;
   }>;
 }, "strip", z.ZodTypeAny, {
   id: string;
@@ -1200,6 +1394,24 @@ declare const emailReceivedEventSchema: z.ZodObject<{
         score: number;
       };
     } | undefined;
+    auth?: {
+      spf: "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+      dmarc: "pass" | "fail" | "none" | "temperror" | "permerror";
+      dmarcPolicy: "none" | "reject" | "quarantine" | null;
+      dmarcFromDomain: string | null;
+      dmarcSpfAligned: boolean;
+      dmarcDkimAligned: boolean;
+      dmarcSpfStrict: boolean | null;
+      dmarcDkimStrict: boolean | null;
+      dkimSignatures: {
+        domain: string;
+        selector: string;
+        result: "pass" | "fail" | "temperror" | "permerror";
+        aligned: boolean;
+        keyBits: number | null;
+        algo: string;
+      }[];
+    } | undefined;
   };
 }, {
   id: string;
@@ -1302,6 +1514,24 @@ declare const emailReceivedEventSchema: z.ZodObject<{
         score: number;
       };
     } | undefined;
+    auth?: {
+      spf: "pass" | "fail" | "softfail" | "neutral" | "none" | "temperror" | "permerror";
+      dmarc: "pass" | "fail" | "none" | "temperror" | "permerror";
+      dmarcPolicy: "none" | "reject" | "quarantine" | null;
+      dmarcFromDomain: string | null;
+      dmarcSpfAligned: boolean;
+      dmarcDkimAligned: boolean;
+      dmarcSpfStrict: boolean | null;
+      dmarcDkimStrict: boolean | null;
+      dkimSignatures: {
+        domain: string;
+        selector: string;
+        result: "pass" | "fail" | "temperror" | "permerror";
+        aligned: boolean;
+        keyBits: number | null;
+        algo: string;
+      }[];
+    } | undefined;
   };
 }>;
 /**
@@ -1353,4 +1583,4 @@ declare function validateEmailReceivedEvent(input: unknown): EmailReceivedEvent;
  * ```
  */
 declare function safeValidateEmailReceivedEvent(input: unknown): z.SafeParseReturnType<unknown, EmailReceivedEvent>; //#endregion
-export { WebhookValidationError, WebhookValidationErrorCode, emailAddressSchema, emailReceivedEventSchema, parsedDataCompleteSchema, parsedDataFailedSchema, parsedDataSchema, parsedErrorSchema, rawContentDownloadOnlySchema, rawContentInlineSchema, rawContentSchema, safeValidateEmailReceivedEvent, validateEmailReceivedEvent, webhookAttachmentSchema };
+export { WebhookValidationError, WebhookValidationErrorCode, dkimSignatureResultSchema, dkimSignatureSchema, dmarcPolicySchema, dmarcResultSchema, emailAddressSchema, emailAuthSchema, emailReceivedEventSchema, parsedDataCompleteSchema, parsedDataFailedSchema, parsedDataSchema, parsedErrorSchema, rawContentDownloadOnlySchema, rawContentInlineSchema, rawContentSchema, safeValidateEmailReceivedEvent, spfResultSchema, validateEmailReceivedEvent, webhookAttachmentSchema };

package/dist/zod.js

@@ -1,4 +1,4 @@
 import { WebhookValidationError } from "./errors-2CwICC_t.js";
-import { emailAddressSchema, emailReceivedEventSchema, parsedDataCompleteSchema, parsedDataFailedSchema, parsedDataSchema, parsedErrorSchema, rawContentDownloadOnlySchema, rawContentInlineSchema, rawContentSchema, safeValidateEmailReceivedEvent, validateEmailReceivedEvent, webhookAttachmentSchema } from "./zod-Ced9Kav9.js";
+import { dkimSignatureResultSchema, dkimSignatureSchema, dmarcPolicySchema, dmarcResultSchema, emailAddressSchema, emailAuthSchema, emailReceivedEventSchema, parsedDataCompleteSchema, parsedDataFailedSchema, parsedDataSchema, parsedErrorSchema, rawContentDownloadOnlySchema, rawContentInlineSchema, rawContentSchema, safeValidateEmailReceivedEvent, spfResultSchema, validateEmailReceivedEvent, webhookAttachmentSchema } from "./zod-CalKEwR4.js";
 
-export { WebhookValidationError, emailAddressSchema, emailReceivedEventSchema, parsedDataCompleteSchema, parsedDataFailedSchema, parsedDataSchema, parsedErrorSchema, rawContentDownloadOnlySchema, rawContentInlineSchema, rawContentSchema, safeValidateEmailReceivedEvent, validateEmailReceivedEvent, webhookAttachmentSchema };
+export { WebhookValidationError, dkimSignatureResultSchema, dkimSignatureSchema, dmarcPolicySchema, dmarcResultSchema, emailAddressSchema, emailAuthSchema, emailReceivedEventSchema, parsedDataCompleteSchema, parsedDataFailedSchema, parsedDataSchema, parsedErrorSchema, rawContentDownloadOnlySchema, rawContentInlineSchema, rawContentSchema, safeValidateEmailReceivedEvent, spfResultSchema, validateEmailReceivedEvent, webhookAttachmentSchema };

package/package.json

@@ -1,41 +1,22 @@
 {
   "name": "mymx",
-  "version": "0.3.5",
+  "version": "0.3.7",
   "description": "Official MyMX Node.js SDK for webhook signature verification",
   "type": "module",
-  "main": "./dist/index.cjs",
   "module": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "exports": {
     ".": {
-      "import": {
-        "types": "./dist/index.d.ts",
-        "default": "./dist/index.js"
-      },
-      "require": {
-        "types": "./dist/index.d.cts",
-        "default": "./dist/index.cjs"
-      }
+      "types": "./dist/index.d.ts",
+      "default": "./dist/index.js"
     },
     "./zod": {
-      "import": {
-        "types": "./dist/zod.d.ts",
-        "default": "./dist/zod.js"
-      },
-      "require": {
-        "types": "./dist/zod.d.cts",
-        "default": "./dist/zod.cjs"
-      }
+      "types": "./dist/zod.d.ts",
+      "default": "./dist/zod.js"
     },
     "./contract": {
-      "import": {
-        "types": "./dist/contract.d.ts",
-        "default": "./dist/contract.js"
-      },
-      "require": {
-        "types": "./dist/contract.d.cts",
-        "default": "./dist/contract.cjs"
-      }
+      "types": "./dist/contract.d.ts",
+      "default": "./dist/contract.js"
     }
   },
   "sideEffects": false,
@@ -70,7 +51,7 @@
   },
   "homepage": "https://mymx.dev",
   "engines": {
-    "node": ">=18"
+    "node": ">=20"
   },
   "dependencies": {
     "zod": "^3.24.1"