This help section describes the DKIM Test Settings dialog of ORF.
Emails that fail the signature or body hash verification are blacklisted by default. However, many times signatures do not verify for other reasons, such as due to a missing key or a configuration error in the public key record or in the signature itself. Enable this option to blacklist emails not only on “fail” but on “netutral” and “permerror” results as well. Click the Edit... button to specify which error event should result in a blacklist hit.
Control how much time ORF may spend with evaluating the DKIM signatures. As evaluation may require multiple DNS lookups, it is recommended to limit the maximum time to avoid email transmission timeouts.
A single email may contain several digital signatures. This value controls the maximum number of signatures to be tested.
Use this list to exclude specific senders from the DKIM test by the sender email address or domain.
Use this to verify whether the sender is actually authorized to send emails on behalf of the domain it claims to represent and not just spoofing it to bypass filtering: If the sending domain has a published SPF policy, the email must "pass" the SPF evaluation to be excluded from filtering.
Use this list to exclude specific senders from the DKIM test by the sender IP address or network range.
Set this checkbox to log DKIM evaluation results, even if the email was not blacklisted. The evaluation result appears in the log as a separate entry and logged only if the email was signed.
Set this checkbox to include a detailed summary of the tested signatures in the DKIM log messages.