Kittsil Kittsil - 29 days ago 9
PHP Question

DKIM Only works on Short Messages

The Problem:

I am using OpenDKIM with Postfix. The mail is generated in PHP using the following code and then sent with

mail()
:

// message
$message = "--$hash".PHP_EOL;
$message .= "Content-Type: text/plain; charset=\"iso-8859-1\"".PHP_EOL;
$message .= "Content-Transfer-Encoding: base64".PHP_EOL.PHP_EOL;
$message .= base64_encode($body).PHP_EOL.PHP_EOL;
$message .= "--$hash".PHP_EOL;


OpenDKIM works fine for any messages that are under 742 characters in length, but if the message is 742 characters or more, Google reports that the DKIM "
body hash did not verify
".

Looking at DKIM and Google, I can't find any information on what would cause this. I have tried multiple messages that are 741 characters (all pass) and multiple that are 742 characters (all fail).




Errors:

The only error is in Google's receipt of the email (which it says it can't authenticate):

dkim=neutral (body hash did not verify) header.i=@mailer.example.com;


/var/log/maillog
has the following (or something similar) on successful and unsuccessful emails:

Nov 5 00:58:57 ip-XX-XX-XX-XX opendkim[3953]: 7D2946081A: DKIM-Signature field added (s=default, d=mailer.example.com)





Solution:

As per @Adrien Lebner's solution below, it was a simple change from

base64_encode($body)


to

chunk_split(base64_encode($body), 76, PHP_EOL)


that fixed the issue.

Answer

What if you send the same content on mutiple lines ?

DKIM may break if line length is too long :

2.1.1. Line Length Limits

There are two limits that this specification places on the number of characters in a line. Each line of characters MUST be no more than 998 characters, and SHOULD be no more than 78 characters, excluding the CRLF.

Comments