DKIM 签名失败,body 哈希未验证 Mimekit 1.10.1.0,Mailkit 1.10.2.0
DKIM signing fails with body hash did not verify for Mimekit 1.10.1.0 , Mailkit 1.10.2.0
我在 DKIM 使用 Mailkit 和 Mimekit 签署 headers 时看到一个奇怪的问题,Gmail 报告错误 "dkim=neutral (body hash did not verify)"。
我是不是哪里做错了?请在下面找到我的代码,并附上实际收到的邮件的截图 。
string ReturnName = "DMC12";
string FromDomain = "backtothefuture.net";
string FromEmail = "marty@" + FromDomain;
string FromName = "Marty McFly";
string SenderName = "Marty McFly";
string ToEmail = "George.mcfly.1960@gmail.com";
string MailServer = "DMC12.large.timemachine.com";
string TextBody = @"If you put your mind to it, you can accomplish anything. One other thing. If you guys ever have kids, and one of them, when he's eight years old, accidentally sets fire to the living room rug... go easy on him!";
string HtmlBody = string.Format(@"<b>如果你把你的头脑,它可以完成任何事情。 另一件事。 如果你们有孩子,其中一个,当他八岁时,不小心把火烧在客厅地毯上...去容易对他!</b>");
string Subject = "Message from Marty (1960)!";
string ToName = "George McFly";
string DKIMdomain = FromDomain;
string DKIMSigner = "btfreturns.com";
string ReturnEmail = "DocBrown@" + MailServer;
string SenderEmail = "marty@" + MailServer;
string privatekey = System.IO.File.ReadAllText("dkim.private.key");
var client = new SmtpClient(new ProtocolLogger("smtp.txt")); // logging SMTP connections
try
{
client.Connect(MailServer, 25);
}
catch (SmtpCommandException ex)
{
Console.WriteLine("Error trying to connect: {0}", ex.Message);
Console.WriteLine("\tStatusCode: {0}", ex.StatusCode);
return;
}
catch (SmtpProtocolException ex)
{
Console.WriteLine("Protocol error while trying to connect: {0}", ex.Message);
return;
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
return;
}
client.LocalDomain = MailServer;
var message = new MimeMessage();
MailboxAddress RecepientAddress = new MailboxAddress(ToName, ToEmail);
message.From.Add(new MailboxAddress(FromName, FromEmail)); // From Address
var builder = new BodyBuilder();
builder.TextBody = TextBody;
builder.HtmlBody = HtmlBody;
List<MailboxAddress> To = new List<MailboxAddress>();
To.Add(RecepientAddress);
message.Subject = Subject;
message.Body = builder.ToMessageBody();
message.Sender = new MailboxAddress(SenderName, SenderEmail); // Sender Address
message.To.Add(RecepientAddress);
message.MessageId = Guid.NewGuid().ToString("N") + "@" + new System.Net.Mail.MailAddress(message.Sender.Address).Host;
using (Stream s = (new MemoryStream(Encoding.UTF8.GetBytes(privatekey ?? ""))))
{
var headersToSign = new[] { HeaderId.From, HeaderId.To, HeaderId.Subject, HeaderId.Date, HeaderId.MessageId };
var signer = new DkimSigner(s, DKIMdomain, DKIMSigner);
signer.SignatureAlgorithm = DkimSignatureAlgorithm.RsaSha1;
message.Sign(signer, headersToSign, DkimCanonicalizationAlgorithm.Relaxed, DkimCanonicalizationAlgorithm.Relaxed);
}
client.Send(message, new MailboxAddress(ReturnName, ReturnEmail), To);
client.Disconnect(true);
client.Connect(MailServer, 25);
client.Dispose();
问题是您没有在 DKIM 签署邮件之前调用 message.Prepare()
。这是非常重要的一步,因为它将邮件正文的所有 MIME 部分强制转换为适当的编码以用于传输。
请注意,如果您不使用适当的编码约束值调用 Prepare()
,则 SmtpClient.Send()
方法将在您 之后结束DKIM 签署了消息,从而使签名无效。
我的建议是使用 EncodingConstraint.SevenBit
以获得最大的互操作性。
但是,如果您确信您的 SMTP 服务器和您的邮件将通过的所有其他 SMTP 服务器都支持 8BITMIME
扩展名,那么您可以尝试使用 EncodingConstraint.EightBit
。
我在 DKIM 使用 Mailkit 和 Mimekit 签署 headers 时看到一个奇怪的问题,Gmail 报告错误 "dkim=neutral (body hash did not verify)"。
我是不是哪里做错了?请在下面找到我的代码,并附上实际收到的邮件的截图
string ReturnName = "DMC12";
string FromDomain = "backtothefuture.net";
string FromEmail = "marty@" + FromDomain;
string FromName = "Marty McFly";
string SenderName = "Marty McFly";
string ToEmail = "George.mcfly.1960@gmail.com";
string MailServer = "DMC12.large.timemachine.com";
string TextBody = @"If you put your mind to it, you can accomplish anything. One other thing. If you guys ever have kids, and one of them, when he's eight years old, accidentally sets fire to the living room rug... go easy on him!";
string HtmlBody = string.Format(@"<b>如果你把你的头脑,它可以完成任何事情。 另一件事。 如果你们有孩子,其中一个,当他八岁时,不小心把火烧在客厅地毯上...去容易对他!</b>");
string Subject = "Message from Marty (1960)!";
string ToName = "George McFly";
string DKIMdomain = FromDomain;
string DKIMSigner = "btfreturns.com";
string ReturnEmail = "DocBrown@" + MailServer;
string SenderEmail = "marty@" + MailServer;
string privatekey = System.IO.File.ReadAllText("dkim.private.key");
var client = new SmtpClient(new ProtocolLogger("smtp.txt")); // logging SMTP connections
try
{
client.Connect(MailServer, 25);
}
catch (SmtpCommandException ex)
{
Console.WriteLine("Error trying to connect: {0}", ex.Message);
Console.WriteLine("\tStatusCode: {0}", ex.StatusCode);
return;
}
catch (SmtpProtocolException ex)
{
Console.WriteLine("Protocol error while trying to connect: {0}", ex.Message);
return;
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
return;
}
client.LocalDomain = MailServer;
var message = new MimeMessage();
MailboxAddress RecepientAddress = new MailboxAddress(ToName, ToEmail);
message.From.Add(new MailboxAddress(FromName, FromEmail)); // From Address
var builder = new BodyBuilder();
builder.TextBody = TextBody;
builder.HtmlBody = HtmlBody;
List<MailboxAddress> To = new List<MailboxAddress>();
To.Add(RecepientAddress);
message.Subject = Subject;
message.Body = builder.ToMessageBody();
message.Sender = new MailboxAddress(SenderName, SenderEmail); // Sender Address
message.To.Add(RecepientAddress);
message.MessageId = Guid.NewGuid().ToString("N") + "@" + new System.Net.Mail.MailAddress(message.Sender.Address).Host;
using (Stream s = (new MemoryStream(Encoding.UTF8.GetBytes(privatekey ?? ""))))
{
var headersToSign = new[] { HeaderId.From, HeaderId.To, HeaderId.Subject, HeaderId.Date, HeaderId.MessageId };
var signer = new DkimSigner(s, DKIMdomain, DKIMSigner);
signer.SignatureAlgorithm = DkimSignatureAlgorithm.RsaSha1;
message.Sign(signer, headersToSign, DkimCanonicalizationAlgorithm.Relaxed, DkimCanonicalizationAlgorithm.Relaxed);
}
client.Send(message, new MailboxAddress(ReturnName, ReturnEmail), To);
client.Disconnect(true);
client.Connect(MailServer, 25);
client.Dispose();
问题是您没有在 DKIM 签署邮件之前调用 message.Prepare()
。这是非常重要的一步,因为它将邮件正文的所有 MIME 部分强制转换为适当的编码以用于传输。
请注意,如果您不使用适当的编码约束值调用 Prepare()
,则 SmtpClient.Send()
方法将在您 之后结束DKIM 签署了消息,从而使签名无效。
我的建议是使用 EncodingConstraint.SevenBit
以获得最大的互操作性。
但是,如果您确信您的 SMTP 服务器和您的邮件将通过的所有其他 SMTP 服务器都支持 8BITMIME
扩展名,那么您可以尝试使用 EncodingConstraint.EightBit
。