What's exactly body means in DKIM

4
votes

Normally a mail will send both html part and plain text part, like this:

... Headers ...

This is a multi-part message in MIME format.

--q17TlmNAFniw=_?: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit

... Text content ...

--q17TlmNAFniw=_?: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit

... Html content ...

--q17TlmNAFniw=_?:--

In dkim, the body to hash measn which one?

  • All content after ... Headers ...
  • All content after ... Headers ... but without content boundary
  • Html/Text Content with MIME Headers
  • HTml/Text Content without MIME Headers
2
emaildkim
Section 3.4.3 and 3.4.4 might help you ietf.org/rfc/rfc4871.txtSTLMikey

2 Answers

3
votes

When using the 'relaxed' DKIM canonicalization algorithm I have found that hashing the following results in a validating body hash and a valid DKIM signature for multipart/alternative emails (<CRLF> added for clarity, note the trailing <CRLF>)

--boundary<CRLF>
Content-Type: text/plain<CRLF>
Content-Transfer-Encoding: quoted-printable<CRLF>
<CRLF>
foo<CRLF>
--boundary<CRLF>
Content-Type: text/html<CRLF>
Content-Transfer-Encoding: quoted-printable<CRLF>
<CRLF>
bar<CRLF>
--boundary--<CRLF>
0
votes

It depends on the canonicalization algorithm you are using. See http://www.dkim.org/specs/rfc4871-dkimbase.html#canonicalization