| DomainKeys Class |
Provides methods for signing e-mails with DomainKeys and DKIM signatures and verifying
signatures of incoming e-mails.
Inheritance HierarchyNamespace: MailBee.Security
Assembly: MailBee.NET (in MailBee.NET.dll) Version: 12.4 build 677 for .NET 4.5
SyntaxThe DomainKeys type exposes the following members.
Constructors| Name | Description | |
|---|---|---|
 | DomainKeys |
Initializes a new instance of DomainKeys class.
|
| DomainKeys(Boolean) |
Initializes a new instance of DomainKeys class for use in web applications.
|
Methods| Name | Description | |
|---|---|---|
| Equals | Determines whether the specified object is equal to the current object. (Inherited from Object.) |
 | Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
| GetHashCode | Serves as the default hash function. (Inherited from Object.) |
| GetType | Gets the Type of the current instance. (Inherited from Object.) |
| MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
 | Sign(MailMessage, String, Byte, String) |
Signs a mail message with DomainKeys and DKIM signatures.
|
| Sign(MailMessage, String, Byte, String, DomainKeysTypes) |
Signs a mail message with DomainKeys and/or DKIM signatures.
|
| Sign(MailMessage, String, String, Boolean, String) |
Signs a mail message with DomainKeys and DKIM signatures.
|
| Sign(MailMessage, String, String, Boolean, String, DomainKeysTypes) |
Signs a mail message with DomainKeys and/or DKIM signatures.
|
| ToString | Returns a string that represents the current object. (Inherited from Object.) |
| Verify(MailMessage, Smtp) |
Verifies the DomainKeys and DKIM signatures of the mail message.
|
| Verify(MailMessage, Smtp, Header) |
Verifies the specified DomainKeys and/or DKIM signature of the mail message.
|
| Verify(MailMessage, Smtp, DomainKeysTypes) |
Verifies the DomainKeys and/or DKIM signatures of the mail message.
|
| VerifyAsync(MailMessage, Smtp) |
async/await version of Verify(MailMessage, Smtp).
|
| VerifyAsync(MailMessage, Smtp, Header) |
async/await version of Verify(MailMessage, Smtp, Header).
|
| VerifyAsync(MailMessage, Smtp, DomainKeysTypes) |
async/await version of Verify(MailMessage, Smtp, DomainKeysTypes).
|
Properties| Name | Description | |
|---|---|---|
 | LastResult |
Gets a numeric code of the last error.
|
| ThrowExceptions |
Gets or sets whether the object will throw exceptions on errors.
|
Remarks
This class serves two purposes:
- Signing e-mails to be sent out with DomainKeys (and/or DKIM) signature. The domain you're sending from (i.e. company.com if the From: address is j.doe@company.com) should have valid DomainKeys DNS TXT records containing the public key of your domain (this record should be placed not directly for sending domain but rather for its sub-domain called selector). The e-mails are signed with the private key for this domain. You can use Sign(MailMessage, String, String, Boolean, String) method and its overloads to sign messages with your private key. This method also accepts selector parameter so that you can use any name for selector sub-domain. For instance, Gmail currently uses "gamma" as selector value so that the entire DomainKeys domain name is "gamma._domainkey.gmail.com" where "._domainkey." suffix is predefined by DomainKeys standard. It's important to understand there can be no actual host under that name, it's just a DNS record.
- Verifying DomainKeys (and/or DKIM) signatures of e-mails you receive. This involves using Smtp component for retrieving DomainKeys DNS record of the domain which sent the e-mail message in question, extracting the public key from that DNS record, and testing whether the signature matches that public key. No special DNS records are required on the receiving domain. Thus, you can always verify DomainKeys signatures regardless whether your domain has DomainKeys DNS record or not.
 Note |
|---|
| In many cases, you can use DomainKeysSign(Boolean, String, String, Boolean, String, DomainKeysTypes) and DomainKeysVerify methods of MailMessage class to deal with DomainKeys and DKIM signatures. They are easier to use than DomainKeys class and do not require you to supply Smtp object. |
If your domain does not have the necessary DNS TXT record holding DomainKeys data, you need to create one or contact your server administrator on this matter. You can create a public/private key pair with a tool such as OpenSSL. With OpenSSL, be sure to set the private key length to 1024 bits or more (DKIM itself does work with weaker keys but some providers like Gmail will not accept them). See RFC 4870 for more information on creating these keys.
| Note |
|---|
| This class supports classic DomainKeys (DK) and newer DKIM technology. DK is always supported while DKIM support may require the system to support SHA256 algorithm. In case of a FIPS-compliant system, you should enable FipsMode and make sure you're using MailBee.NET.dll for .NET 4.0+. Read more on on SHA256 availability in DomainKeysVerifyResult topic. |
Although DK and DKIM are different technologies, DKIM uses the same DNS records, public/private keys and selectors as DK. Thus, checking both DK and DKIM signatures won't force Verify(MailMessage, Smtp) method to send two DNS queries (for DK and DKIM). Only a single query regarding DomainKeys record will be made.
ExamplesGeneral examples are available in Sign(MailMessage, String, String, Boolean, String) and Verify(MailMessage, Smtp) topics.
Another Sign(MailMessage, String, Byte, String) example shows advanced usage
of signing.
See Also