DKIM in .NET MailMessage and AlternativeViews

Asked 4/6, 2011 at 15:58 Answered 17/6, 2015 at 21:52

I am using DKIM.NET (https://github.com/dmcgiv/DKIM.Net) to sign a MailMessage before sending it to a recipient. The problem i am facing is that the component above signs MailMessage's Body (mailMessage.Body) while I am inserting content as both HTML and plain text in the form of AlternativeViews.

The result is that my mailMessage.Body is null but the received messsage's body contains my alternative views therefore DKIM does not verify correctly.

Is there any way to resolve this problem? Maybe sign the HTML and Plain text alternative views before assigning them to the MailMessage object? Or maybe using another component?

EDIT:

Since I started this question I 've created a project at https://github.com/yannispsarras/DKIM-AlternativeViews - This is by no means complete or stable but I m posting it here in case its of any use to anyone looking to find a solution for signed alternative views in .NET.

Core answered 4/6, 2011 at 15:58 Comment(1)

possible duplicate of How to Domainkeys/DKIM email signing using the C# SMTP client? – Wonderment 18/6, 2015 at 11:57

I've added full support for generating and verifying DKIM signatures in MimeKit which is open source (License: MIT) and completely free for commercial use.

If you also need SMTP, POP3, and/or IMAP support, check out MailKit which is built on top of MimeKit.

Since MimeKit and MailKit do not generate a new set of boundary strings each time they are written to a stream, they do not suffer from the problems you will face using System.Net.Mail and DKIM.Net[1] (not DKIM.Net's fault, to be clear).

To add a DKIM signature to a message in MimeKit, you would do something like this:

var message = CreateMyMessage ();
var headersToSign = new [] { HeaderId.From, HeaderId.To, 
    HeaderId.Subject, HeaderId.Date };
var signer = new DkimSigner ("C:\my-dkim-key.pem") {
   AgentOrUserIdentifier = "@eng.example.net",
   Domain = "example.net",
   Selector = "brisbane",
};

message.Sign (signer, headersToSign, 
    DkimCanonicalizationAlgorithm.Relaxed, 
    DkimCanonicalizationAlgorithm.Simple);

To send the message using MailKit, you would do something like this:

using (var client = new SmtpClient ()) {
    client.Connect ("smtp.gmail.com", 465, true);
    client.Authenticate ("username", "password");
    client.Send (message);
    client.Disconnect (true);
}

Notes:

Since System.Net.Mail.SmtpClient generates a new set of boundary markers for multipart messages (which is what is used when you have attachments or AlternativeViews), you cannot use DKIM.Net to sign said messages because the signature will break when you actually go to send the message because the MIME-formatted message body will have changed.

Wonderment answered 17/6, 2015 at 21:52 Comment(0)

You can try Mail.dll email component it supports DKIM, both: signing and validation:

http://www.limilabs.com/blog/sign-emails-with-dkim

The component is not free however, please also note that I wrote it.

Lettuce answered 6/8, 2011 at 18:9 Comment(4)

Hi Pawel, thanks for your answer - how fast is that component of yours? also can i still use the native SmtpClient? – Core 13/8, 2011 at 9:36

If you must use native SmtpClient, you can use Mail.dll to create email, save it to disk and then use SmtpDeliveryMethod.SpecifiedPickupDirectory. I've never compared the speed of Mail.dll and SmtpClient but it should be comparable. – Lettuce 13/8, 2011 at 11:15

I need some more info that i cant find in your blog. what technology does mail.dll use? is it a COM component? is it managed code? how can you create a mail sending component and not test it against the baseline? – Core 13/8, 2011 at 20:2

Mail.dll is written entirely in managed code. Works with Mono, .NET 2.0, 3.0, 3.5 and 4.0. It's not only email sending component. It's IMAP, POP3, SMTP client, email parser, template engine and more. .NET SmtpClient is not a reference for it as it does only small fraction of what Mail.dll can do. – Lettuce 14/8, 2011 at 7:50

I've updated the read me on the DKIM.Net site to explain this limitation. It's basically due to the way System.Net.Mail.SmtpClient generates boundaries to seperate alternative views or attachments - they are new Guids so each time the message is sent the boundary id changes - if the content changes then the signing fails. The code hacks SmptClient to get the full content of the email by Sending the MailMessage using a dummy stream.

Cyperaceous answered 15/11, 2011 at 1:14 Comment(3)

Thanks very much for your feedback. Since I posted this question I decided to write my own SmtpClient library to send DKIM signed emails via .NET apps. Unfortunately I ve had enough trying out SMTP libraries that claim to overcome this issue only to later ind that have different sets of issues (most commonly performance limitations). Thanks – Core 16/11, 2011 at 8:41

@Core you should really check out MailKit which I assure you does not have any performance limitations and due to the fact that it uses PIPELINING, should be faster than System.Net.Mail.SmtpClient. – Wonderment 17/6, 2015 at 21:55

I appreciate it but this is a very old question. A lot has happened since then but thanks for posting your suggestion – Core 17/6, 2015 at 23:4

Recommended topics

Hot tags