| NOTES | 
DKIM_STAT_NOKEY is returned if the DNS query for a selector
    (public key) record returned with NXDOMAIN, i.e. the record
    does not exist; this should be considered a permanent failure.
DKIM_STAT_CANTVRFY is returned if the DNS query for a selector
    (public key) record timed out or suffered some other kind of transient
    failure; verification can be re-attempted later.
DKIM_STAT_SYNTAX is returned to indicate required data could
    not be extracted from the arriving message to be signed or verified,
    or if a selector (public key) record returned from a DNS query could
    not be parsed (e.g. corrupted, wrong format, etc.).
DKIM_STAT_NOSIG can be returned early, i.e. from
    dkim_eoh(), if no signature was found
    on a message which is being verified.  See that function's description
    for further details.
DKIM_STAT_INTERNAL can be returned on system error (e.g.
    malloc() failure), or if functions provided by this API are
    called in the incorrect order (e.g.
    dkim_getsighdr() before
    dkim_eom(), or
    dkim_header() after
    dkim_eoh(), etc.).
DKIM_STAT_REVOKED is returned when a key found in a signature
    has been revoked and thus is no longer valid.
DKIM_STAT_INVALID is returned when a function in this library
    is called with at least one invalid parameter.
DKIM_STAT_NOTIMPLEMENT is returned when an attempt is made
    to use a feature that is not yet implemented.
DKIM_STAT_KEYFAIL is returned when a key retrieval operation
    failed for some transient reason; the caller should try again later
DKIM_STAT_CBINVALID is returned when a library function used
    a user-provided callback function which returned
    DKIM_CBSTAT_INVALID, indicating invalid input
DKIM_STAT_CBREJECT is returned when a library function used
    a user-provided callback function which returned
    DKIM_CBSTAT_REJECT, explicitly requesting message rejection
DKIM_STAT_CBTRYAGAIN is returned when a library function used
    a user-provided callback function which returned
    DKIM_CBSTAT_TRYAGAIN, which indicates the callback could not
    complete now but might work later
DKIM_STAT_CBERROR is returned when a library function used
    a user-provided callback function which returned
    DKIM_CBSTAT_ERROR, which indicates the callback failed
 |