2

I am using DKIM for JavaMail to sign outgoing mails with DKIM. Now, I would like to add a DomainKey-Signature. From reading through the docs, specs and other related posts I know that the signing process is almost identical (using the same algorithm, DNS entries, etc.). The only difference is that DKIM offers more options, e.g. In choosing which fields to sign. That makes it easy to select the signing fields (e.g. From, Subject) and generate the right hash values.

For DomainKeys I could not figure out which mail parts to hash though. I read the docs but it is not clearly stated if you should only hash the body or the entire source code. On a different website it says

DomainKeys uses the ‘From’, and ‘Sender’ headers, as well as the message body, in combination with the Private Key to generate a DomainKeys signature

That makes sense - but what does it mean for my other header fields (e.g. Date, Message-ID) and what is meant by message body?

So my overall question is:

What input (mail parts) do I use to generate the DomainKey hash?

Community
  • 1
  • 1
Horen
  • 11,184
  • 11
  • 71
  • 113

2 Answers2

0

To find which header field signed by "DKIM for JavaMail" have a look into the source "DKIMSigner.java", they are specified in the array " String[] defaultHeadersToSign".

Body means the message itself (stripped down simplified structure of an email: header fields + one empty line + body).

SubOptimal
  • 22,518
  • 3
  • 53
  • 69
  • I'm not trying to sign with DKIM (that works perfectly). I'm talking about DomainKeys (two different things) – Horen Jun 05 '14 at 12:57
  • Sorry I misunderstoud your question. I was not aware you are speaking about RFC4870 (thought you mean RFC4871). For Domainkey-Signatur have a look at this post: http://www.example-code.com/java/domainKey_add_signature.asp – SubOptimal Jun 06 '14 at 10:26
0

There is no need to use the depricated DomainKeys anymore, if you are already using DKIM. You may want have a look at this Implementation http://www.badpenguin.co.uk/dkim/

s.meissner
  • 506
  • 2
  • 5
  • 17