Click or drag to resize

DkimCanonicalizationAlgorithm Enumeration

A DKIM canonicalization algorithm.

Namespace:  MimeKit.Cryptography
Assembly:  MimeKit (in MimeKit.dll) Version: 2.14.0
public enum DkimCanonicalizationAlgorithm
  Member nameValueDescription
Simple0 The simple canonicalization algorithm tolerates almost no modification by mail servers while the message is in-transit.
Relaxed1 The relaxed canonicalization algorithm tolerates common modifications by mail servers while the message is in-transit such as whitespace replacement and header field line rewrapping.

Empirical evidence demonstrates that some mail servers and relay systems modify email in transit, potentially invalidating a signature. There are two competing perspectives on such modifications. For most signers, mild modification of email is immaterial to the authentication status of the email. For such signers, a canonicalization algorithm that survives modest in-transit modification is preferred.

Other signers demand that any modification of the email, however minor, result in a signature verification failure. These signers prefer a canonicalization algorithm that does not tolerate in-transit modification of the signed email.

public static void DkimSign (MimeMessage message)
    var headers = new HeaderId[] { HeaderId.From, HeaderId.Subject, HeaderId.Date };
    var signer = new DkimSigner ("privatekey.pem", "", "brisbane", DkimSignatureAlgorithm.RsaSha256) {
HeaderCanonicalizationAlgorithm = DkimCanonicalizationAlgorithm.Simple,
BodyCanonicalizationAlgorithm = DkimCanonicalizationAlgorithm.Simple,
        AgentOrUserIdentifier = "",
        QueryMethod = "dns/txt",

    // Prepare the message body to be sent over a 7bit transport (such as older versions of SMTP).
    // Note: If the SMTP server you will be sending the message over supports the 8BITMIME extension,
    // then you can use `EncodingConstraint.EightBit` instead.
    message.Prepare (EncodingConstraint.SevenBit);

    signer.Sign (message, headers);
See Also