It's a common question I hear when people are diving into the technical details of email authentication: does DKIM sign the email body or just the headers? The short answer is that it signs both. DKIM, which stands for DomainKeys Identified Mail, is designed to protect the integrity of an email message, ensuring that key parts of it haven't been altered on its journey from the sender to the recipient.
At its core, DKIM works by adding a digital signature to an email. This isn't a signature you can see, like a name at the bottom of a message. Instead, it's a cryptographic signature contained within a special email header. As eSecurity Planet explains, when a message arrives with this signature, the receiving server can verify it to confirm the email's authenticity.
The details of what gets signed
The power of DKIM lies in what it chooses to sign. It doesn't just sign the entire email as one big block. Instead, it selectively signs the most important components: a specific set of headers and the message body. This is all managed through the DKIM-Signature header, which is added to the email by the sending mail server.
This special header contains several important tags, but a few are critical to understanding what gets signed:
- The h= tag: This tag lists the headers that are included in the signature. The sending server chooses which headers to sign. Typically, this includes crucial headers like From, To, Subject, and Date. By signing these headers, DKIM ensures that an attacker can't change the apparent sender or the subject line without invalidating the signature. As noted by EmailKarma.net, this helps recipients verify the message hasn't been altered.
- The bh= tag: This is the "body hash." It is a hash (a unique digital fingerprint) of the message body. This confirms that the content of the email, from the text to any HTML, has not been tampered with since it was sent. The team at debugging.works puts it clearly: the mail server "signs the email headers and body with a known key."
- The b= tag: This is the actual signature itself. It's a hash of the headers listed in the h= tag (which also includes the body hash bh= value), all encrypted with the sender's private key.
How canonicalization affects the signature
One of the complexities of email is that different mail servers can make tiny, insignificant changes to a message in transit, like adding extra whitespace or rewrapping long lines of text. Normally, this would change the hash and break the DKIM signature. To prevent this, DKIM uses a process called "canonicalization" to normalize the headers and body before they are hashed.
There are two main canonicalization algorithms: simple and relaxed. The simple algorithm is very strict and tolerates almost no changes, while the relaxed algorithm allows for common modifications like changes in whitespace. Most senders use the relaxed setting for both the header and body to prevent legitimate emails from failing DKIM checks due to minor, harmless modifications made by intermediate mail servers.
The final verdict
So, to come back to the original question: DKIM absolutely signs the email body, and it also signs a selection of the most important email headers. The body's integrity is protected via the body hash (bh=), and the headers' integrity is protected by including them in the final signature hash (b=). This dual approach is what allows DKIM to effectively verify that a message is authentic and has not been maliciously altered.
