DKIM, or DomainKeys Identified Mail, is a cornerstone of modern email authentication. It allows a receiving mail server to verify that an email was genuinely sent from the domain it claims to be from and that its content hasn't been tampered with in transit. It achieves this by adding a digital signature to the email's headers. This signature is made up of various components, known as tags, each serving a specific purpose. One of the lesser-known, and more dangerous, tags is the body length tag, or 'l' tag.
At its core, the 'l' tag is straightforward. It's a value within the DKIM signature that tells the receiving server how much of the email's body, in bytes, was used to create the signature. The official specification, RFC 6376, defines it as the "body length count", which allows a sender to sign only a portion of the message body.
The original intent was to handle cases where email content might be slightly modified in transit, for example, by mailing list servers that append footers to messages. By only signing the initial part of the email, the sender could ensure the core message passed DKIM validation even if a footer was added later. However, this flexibility introduces a significant security flaw.
The security vulnerability of the 'l' tag
The primary danger of using the 'l' tag is that it opens the door for content injection attacks. Because only a part of the email body is cryptographically signed, an attacker can intercept the email and append malicious content after the signed portion. When the receiving mail server checks the signature, it only validates the part of the body specified by the 'l' tag. The signature will appear perfectly valid, and the server may deliver the email, completely unaware of the harmful content tacked on at the end.
Imagine an email from a bank with a legitimate transaction notice. If the sender uses the 'l' tag to only sign the first few lines:
- Legitimate email sent: The DKIM signature is created with, for example, l=200, meaning only the first 200 bytes of the email body are signed.
- Attacker intercepts: The attacker keeps the first 200 bytes as they are.
- Malicious content added: After the first 200 bytes, they add a convincing phishing link or a fraudulent request for information.
- Email delivered: The recipient's mail server validates the DKIM signature against the first 200 bytes. It passes, and the email lands in the inbox, malicious payload included.
Should you use the 'l' tag?
Absolutely not. The security risks associated with the 'l' tag far outweigh any perceived benefits. In today's email ecosystem, it's considered a dangerous and outdated practice. Major mailbox providers like Gmail and Outlook rely on the integrity of the entire message, and allowing parts of it to be unsigned undermines the trust that DKIM is designed to build.
For robust email security and deliverability, you should always ensure that the entire body of your email is signed. This means not including the 'l' tag in your DKIM signature at all. By default, most modern email sending platforms and libraries will sign the entire message body, which is the correct and secure approach. The role of the 'l' tag today is largely as a historical footnote and a cautionary tale in email security.
