3 - dkim check
DKIM (DomainKeys Identified Mail) allows senders to prove that email was actually sent by them and has not been modified after being sent.
It achieves this by affixing a digital signature (seal), linked to a domain name, to each outgoing email message.
SpamStop will add a subject prefix, only if the message has not been signed correctly:
:: dkim-none :: no DKIM-Signature headers (valid or invalid) were found :: dkim-fail :: a valid DKIM-Signature header was found, but the signature does not contain a correct value for the message
Sometimes it’s not possible to execute the check:
:: dkim-invalid :: there is a problem in the signature itself or the public key record. I.e. the signature could not be processed :: dkim-temperror :: some error was found which is likely transient in nature, such as a temporary inability to retrieve a public key
If the message has been signed using a different domain, a “diff” alert will be added to the subject:
:: dkim-diff :: the message has NOT been signed by the sender's domain