Your question, your audience. Choose who sees your identity—and your question—with question security.
try {
msg = new FileInputStream("/home/mark/mymail.txt");
DkimSignature dksig = new DkimSignature("savage", "badpenguin.co.uk");
dksig.setMethod(CanonicalMethod.RELAXED);
dksig.setItag("dkim@badpenguin.co.uk");
dksig.addHeader("received");
Signer signer = new Signer(dksig,key);
String header = signer.signMail(msg);
System.out.println(header);
msg.close();
} catch (DkimException d) {
if ( d.getError().equals(DkimError.TEMPFAIL)) {
// message failed, but may succeed later
} else if ( d.getError().equals(DkimError.PERMFAIL)) {
// message failed and will never verify
} else {
// domainkey error
}
} catch (Exception e) {
e.printStackTrace();
}
import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.MimeMessage;
import badpenguin.dkim.Signer;
Session session;
Transport transport;
RSAPrivateKey privateKey;
...
MimeMessage mimeMessage = new MimeMessage(session);
mimeMessage.setFrom( new InternetAddress("fromEmail@myOrganization.com") );
mimeMessage.addRecipients(RecipientType.TO, new InternetAddress[] { new InternetAddress("toEmail@yourOrganization.com") } );
mimeMessage.setSubject( "The Subject" );
mimeMessage.setText( "The message content." );
Signer signer = Signer("mySelector", "myOrganization.com", "rsa-sha256", privateKey);
String signature = signer.signMail( ? WHAT GOES HERE ? );
mimeMessage.setHeader("DKIM-Signature", signature);
transport.sendMessage(mimeMessage, mimeMessage.getAllRecipients());
InputStream in = mimeMessage.getInputStream();
String signature = signer.signMail(in);
in.close();
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
From novice to tech pro — start learning today.
1. The Canonicaliser will crash with a NullPointerException if one of the headers specified to sign (h field) does not exist in the MimeMessage. According to RFC4871 section 3.5 missing headers should be ignored.
2. dkim will pass on the receiving end ONLY IF I add a preceeding CRLF to the body content being signed (this is I am "hacking" a CRLF in front of the body content in the MailMessage class but not the actual message). It seems that the JavaMail SMTP implementation is adding this precceding CRLF to the real message; JavaMail release notes claim this was fixed in release 1.4.1 and I am using release 1.4.3, so I am a bit confused about what is up with this.
So, despite getting it working, I remain concerned about this approach of trying to sign using a MimeMessage object instead of the literal stream of text that JavaMail's SMTP implementation is actually transmitting to the server. It seems to work though, for now. To emphesize my concern I point to the last paragraph in RFC4871 Section 5.3: "More generally, the signer MUST sign the message as it is expected to be received by the verifier rather than in some local or internal form."
Open in new window