Click or drag to resize
MimeKit

DkimCanonicalizationAlgorithm Enumeration

A DKIM canonicalization algorithm.

Namespace: MimeKit.Cryptography
Assembly: MimeKit (in MimeKit.dll) Version: 4.3.0
Syntax
C#
public enum DkimCanonicalizationAlgorithm
Members
Member nameValueDescription
Simple0 The simple canonicalization algorithm tolerates almost no modification by mail servers while the message is in-transit.
Relaxed1 The relaxed canonicalization algorithm tolerates common modifications by mail servers while the message is in-transit such as whitespace replacement and header field line rewrapping.
Remarks

Empirical evidence demonstrates that some mail servers and relay systems modify email in transit, potentially invalidating a signature. There are two competing perspectives on such modifications. For most signers, mild modification of email is immaterial to the authentication status of the email. For such signers, a canonicalization algorithm that survives modest in-transit modification is preferred.

Other signers demand that any modification of the email, however minor, result in a signature verification failure. These signers prefer a canonicalization algorithm that does not tolerate in-transit modification of the signed email.

Example
C#
public static void DkimSign (MimeMessage message)
{
    var headers = new HeaderId[] { HeaderId.From, HeaderId.Subject, HeaderId.Date };
    var signer = new DkimSigner ("privatekey.pem", "example.com", "brisbane", DkimSignatureAlgorithm.RsaSha256) {
HeaderCanonicalizationAlgorithm = DkimCanonicalizationAlgorithm.Simple,
BodyCanonicalizationAlgorithm = DkimCanonicalizationAlgorithm.Simple,
        AgentOrUserIdentifier = "@eng.example.com",
        QueryMethod = "dns/txt",
    };

    // Prepare the message body to be sent over a 7bit transport (such as older versions of SMTP).
    // Note: If the SMTP server you will be sending the message over supports the 8BITMIME extension,
    // then you can use `EncodingConstraint.EightBit` instead.
    message.Prepare (EncodingConstraint.SevenBit);

    signer.Sign (message, headers);
}
See Also