Using domainkeys with php mail command

How to use domainkeys with php mail()  function. Please give an example. I have both private key and public key for the purpose.
LVL 8
biztigerAsked:
Who is Participating?
 
CSecurityConnect With a Mentor Commented:
See, it seems it's encrypted hash, see this:

http://forums.devnetwork.net/viewtopic.php?f=34&t=82089
<?php
 
// initialize key
$privatePem = "-----BEGIN RSA PRIVATE KEY-----
MIII5RV/0k9USo...etc...hXF2Vh7T4yfT5QN
-----END RSA PRIVATE KEY-----";
 
$encKey = @openssl_pkey_get_private( $privatePem );
if (!$encKey) die("Unable to extract encryption key");
 
// setup email message
$to        = "example@gmail.com"; // random gmail or yahoo test account
$myAddress = "myname@mydomain.com";
$subject   = "Hello";
$body      = "Hi, this is a test message";
 
$fromHeader = "From: $myAddress";
 
// create canonicalizated message (using 'simple' convention)
$canonLines = array();
$canonLines[] = $fromHeader;
$canonLines[] = ""; // the empty line between headers and body
$canonLines[] = $body; // body just consists of one line here (with no line-ending)
 
$crlf = "\r\n";
$canonTxt = implode($crlf,$canonLines).$crlf;
 
// create checksum
$hexHash = sha1($canonTxt); // this is for php4 compatibility,
$rawHash = pack('H*',$hexHash); // with php5 we can simply do sha1($txt,true) to get binary result
 
// encrypt + encode
if (!@openssl_private_encrypt( $rawHash, $encryptedHash, $encKey )) die("Unable to encrypt hash");
$dkey = base64_encode($encryptedHash);
 
// setup custom headers
$headers = "DomainKey-Signature: a=rsa-sha1; s=mail; d=mydomain.com; h=From; q=dns; c=simple; b=$dkey;\n";
$headers .= "$fromHeader\n";
 
// send mail
$success = mail( $to , $subject , $body , $headers );
die( $success ? "mail sent" : "mail NOT sent" );
 
?>

Open in new window

0
 
biztigerAuthor Commented:
I've added the dns entry, but how to digitally sign my email using private key.
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
biztigerAuthor Commented:
In that example email is signed using a BASH script, not in php.
0
 
CSecurityCommented:
Have you tried:
Where $DKEY is content of your key
$headers .= "DomainKey-Signature: a=rsa-sha1; s=mail; d=mydomain.com; h=From; q=dns; c=simple; b=$dkey;\n";

$success = mail( $to , $subject , $body , $headers );  

Open in new window

0
 
biztigerAuthor Commented:
$dkey is public key or private key??
0
 
biztigerAuthor Commented:
Thanks. I will test this and let you know soon.
0
 
biztigerAuthor Commented:
Sorry about that..
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.