ApplicationPgpSignature Class

ApplicationPkcs7Mime Class

ApplicationPkcs7Signature Class

ArcHeaderValidationResult Class

ArcSignatureValidationResult Enumeration

ArcSigner Class

ArcValidationErrors Enumeration

ArcValidationResult Class

ArcVerifier Class

AsymmetricAlgorithmExtensions Class

AuthenticationMethodProperty Class

AuthenticationMethodResult Class

AuthenticationResults Class

BouncyCastleCertificateExtensions Class

BouncyCastleSecureMimeContext Class

CertificateNotFoundException Class

CmsRecipient Class

CmsRecipientCollection Class

CmsSigner Class

CryptographyContext Class

DefaultSecureMimeContext Class

DigestAlgorithm Enumeration

DigitalSignatureCollection Class

DigitalSignatureVerifyException Class

DkimCanonicalizationAlgorithm Enumeration

DkimPublicKeyLocatorBase Class

DkimSignatureAlgorithm Enumeration

DkimSigner Class

DkimSignerBase Class

DkimVerifier Class

DkimVerifierBase Class

EncryptionAlgorithm Enumeration

GnuPGContext Class

IApplicationPgpEncrypted Interface

IApplicationPgpSignature Interface

IApplicationPkcs7Mime Interface

IApplicationPkcs7Signature Interface

ICryptographyContext Interface

IDigitalCertificate Interface

IDigitalSignature Interface

IDkimPublicKeyLocator Interface

IMultipartEncrypted Interface

IMultipartSigned Interface

ISecureMimeContext Interface

IX509CertificateDatabase Interface

MultipartEncrypted Class

MultipartSigned Class

OpenPgpContext Class

OpenPgpDataType Enumeration

OpenPgpDetectionFilter Class

OpenPgpDigitalCertificate Class

OpenPgpDigitalSignature Class

OpenPgpKeyCertification Enumeration

PrivateKeyNotFoundException Class

PublicKeyAlgorithm Enumeration

PublicKeyNotFoundException Class

RsaEncryptionPadding Class

RsaEncryptionPaddingScheme Enumeration

RsaSignaturePadding Class

RsaSignaturePaddingScheme Enumeration

SecureMailboxAddress Class

SecureMimeContext Class

SecureMimeDigitalCertificate Class

SecureMimeDigitalSignature Class

SecureMimeType Enumeration

SqlCertificateDatabase Class

SqliteCertificateDatabase Class

SQLServerCertificateDatabase Class

SubjectIdentifierType Enumeration

TemporarySecureMimeContext Class

WindowsSecureMimeContext Class

WindowsSecureMimeDigitalCertificate Class

WindowsSecureMimeDigitalSignature Class

X509Certificate2Extensions Class

X509CertificateChain Class

X509CertificateDatabase Class

X509CertificateRecord Class

X509CertificateRecordFields Enumeration

X509CertificateStore Class

X509CrlRecord Class

X509CrlRecordFields Enumeration

X509KeyUsageFlags Enumeration

DkimCanonicalizationAlgorithm Enumeration

A DKIM canonicalization algorithm.

Namespace: MimeKit.Cryptography
Assembly: MimeKit (in MimeKit.dll) Version: 4.7.1

Syntax

Copy

public enum DkimCanonicalizationAlgorithm

Members

Member name	Value	Description
Simple	0	The simple canonicalization algorithm tolerates almost no modification by mail servers while the message is in-transit.
Relaxed	1	The relaxed canonicalization algorithm tolerates common modifications by mail servers while the message is in-transit such as whitespace replacement and header field line rewrapping.

Remarks

Empirical evidence demonstrates that some mail servers and relay systems modify email in transit, potentially invalidating a signature. There are two competing perspectives on such modifications. For most signers, mild modification of email is immaterial to the authentication status of the email. For such signers, a canonicalization algorithm that survives modest in-transit modification is preferred.

Other signers demand that any modification of the email, however minor, result in a signature verification failure. These signers prefer a canonicalization algorithm that does not tolerate in-transit modification of the signed email.

Example

Copy

public static void DkimSign (MimeMessage message)
{
    var headers = new HeaderId[] { HeaderId.From, HeaderId.Subject, HeaderId.Date };
    var signer = new DkimSigner ("privatekey.pem", "example.com", "brisbane", DkimSignatureAlgorithm.RsaSha256) {
HeaderCanonicalizationAlgorithm = DkimCanonicalizationAlgorithm.Simple,
BodyCanonicalizationAlgorithm = DkimCanonicalizationAlgorithm.Simple,
        AgentOrUserIdentifier = "@eng.example.com",
        QueryMethod = "dns/txt",
    };

    // Prepare the message body to be sent over a 7bit transport (such as older versions of SMTP).
    // Note: If the SMTP server you will be sending the message over supports the 8BITMIME extension,
    // then you can use `EncodingConstraint.EightBit` instead.
    message.Prepare (EncodingConstraint.SevenBit);

    signer.Sign (message, headers);
}

Reference

MimeKit.Cryptography Namespace