I have written an program in C# which sends out emails. Now I have a requirement to sign outbound emails using Dominkeys/DKIM, but I'm not sure how to do it.
I have set up all keys, but I don't know how to get those and how to include them in the email header.
There is a fundamental problem with trying to do DKIM signatures with System.Net.Mail.MailMessage and System.Net.Mail.SmtpClient which is that in order to sign the message, you need to poke the internals of SmtpClient in order to hash the message body as one of the steps in generating the DKIM-Signature header. The problem comes in when you have alternative views or attachments because SmtpClient will generate new multipart boundaries each time it writes out the message which breaks the body hash and thus the DKIM-Signature validity.
To work around this, you can use the MimeKit and MailKit open source libraries for .NET as an alternative framework to using System.Net.Mail.
To add a DKIM signature to a message in MimeKit, you would do something like this:
MimeMessage message = MimeMessage.CreateFromMailMessage(mailMessage);
HeaderId[] headersToSign = new HeaderId[] { HeaderId.From, HeaderId.Subject, HeaderId.Date };
string domain = "example.net";
string selector = "brisbane";
DkimSigner signer = new DkimSigner ("C:\my-dkim-key.pem", domain, selector)
{
SignatureAlgorithm = DkimSignatureAlgorithm.RsaSha1,
AgentOrUserIdentifier = "#eng.example.com",
QueryMethod = "dns/txt",
};
// Prepare the message body to be sent over a 7bit transport (such as
// older versions of SMTP). This is VERY important because the message
// cannot be modified once we DKIM-sign our message!
//
// Note: If the SMTP server you will be sending the message over
// supports the 8BITMIME extension, then you can use
// `EncodingConstraint.EightBit` instead.
message.Prepare (EncodingConstraint.SevenBit);
message.Sign (signer, headersToSign,
DkimCanonicalizationAlgorithm.Relaxed,
DkimCanonicalizationAlgorithm.Simple);
To send the message using MailKit, you would do something like this:
using (var client = new MailKit.Net.Smtp.SmtpClient ()) {
client.Connect ("smtp.gmail.com", 465, true);
client.Authenticate ("username", "password");
client.Send (message);
client.Disconnect (true);
}
Hope that helps.
see https://github.com/dmcgiv/DKIM.Net it's a DomainKeys Identified Mail (DKIM) implementation for .Net written in C# - it enables you to sign MailMessage objects.
Use
http://www.mimekit.org
Not only does it allow to use DKIM for signing, also you can include S/MIME certificates, PGP certificates and more.
Also, its a very mature lib - the only one i've found that handles foreign languages (apart from english) correctly, since its completely and thoroughly coded with unicode in mind.
Its free and opensource.
This solved it for me when using Mailenable as SMTP relay server.
http://www.mailenable.com/kb/content/article.asp?ID=ME020700
When creating the DKIM TXT record on the domain name don't forget to use the active selector as prefix => yourselector._domainkey.yourdomainname.be
If you are looking to DKIM-sign the body of the MailMessage then DKIM.NET is great. If you are looking to have alternative views in your message then I wasnt able to find a solution and wrote my own (open-source with the usual disclaimers) that can be found at https://github.com/yannispsarras/DKIM-AlternativeViews
I understand this is a pretty old thread but I thought it may help someone.
i didnt find much help on this issue, but my problem got solve by configuring smtp server.
i cant post those steps as i am using 3rd party smtp server and every server has their own configuration. after proper configuration my smtp automatically adds DM/DKIM signature.
Related
I'm a new programmer and I've reached the point where my lack of knowledge (of the C# and VBA language) and experience is preventing me from continuing with my program. I only know Python and all the documentation that I've tried digging into is in C# and VB.
My story: I'm working on a GUI that automates and manages specialized email operations for my company using Outlook Express 2016. I've figured out that win32com is the package to use, and I've figured out how to create and send basic emails, but I'm struggling to figure out how to send emails encrypted. My company uses the McAfee SaaS Email Encryption add-in found at: http://www.mcafee.com/us/downloads/saas/encrypted-from-microsoft-outlook-addin.aspx.
Note: the site doesn't specify that this add-in is supported in the 2016 version but it indeed works. Also, the built-in Outlook option to encrypt all emails is not viable because I need some emails to not be encrypted.
What I've garnered from another similar post is that I need to use the PropertyAccessor method:
mailItem.PropertyAccessor.SetProperty(
"http://schemas.microsoft.com/mapi/proptag/0xHHHHHHHH", x);
where HHHHHHHH is some hexadecimal code and x represents a state such as 0 = off. I tried digging into some property tag documentation but I'm having trouble understanding them.
Am I on the right track? There may be a completely different + easier way of doing this. I do realize a lot of my difficulty may be due to not knowing C#/VBA, but it would be highly appreciated if someone out there can point me in the right direction.
First, you need a Secure Email certificate issued to the email address you want to use.
Let's say this is mymail.somecompany.com. Your cert should have this in the subject name and should be enabled for secure email.
Next, you need to programmatically get the certificate or load from a pfx file like
X509Store store = new X509Store(StoreLocation.CurrentUser);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);
X509Certificate2Collection certs = store.Certificates;
X509Certificate2 certificate = null;
foreach (X509Certificate2 cert in certs)
{
if (cert.Subject.IndexOf("mymail#somecompany.com") >= 0)
{
certificate = cert;
break;
}
}
Next, you need to have an entity that you want to sign and send.
string strbody = #"Content-Type: text/plain;charset=""iso-8859-1""
Content-Transfer-Encoding: quoted-printable
This is a test s/mime message";
This is where it gets a little not very intuitive since there is no programatic way of creating the email entity you want to send
Note the headers and a series of two \r\n before the entity body "this is a test s/mime" message begins
Next, you need to generate a signed envelope for this content
byte[] data = Encoding.ASCII.GetBytes(strbody);
ContentInfo content = new ContentInfo(data);
SignedCms signedCms = new SignedCms(content, false);
CmsSigner signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, certificate);
signedCms.ComputeSignature(signer);
byte[] signedbytes = signedCms.Encode();
Now that you have the content you want to send is signed with the certificate of your choice you need to
create a mail message object and create an alternate view and add this to your alternate view collection
MailMessage msg = new MailMessage();
msg.From = new MailAddress("");
msg.To.Add(new MailAddress(""));
msg.Subject = "test s/mime";
MemoryStream ms = new MemoryStream(signedbytes);
AlternateView av = new AlternateView(ms, "application/pkcs7-mime; smime-type=signed-data;name=smime.p7m");
msg.AlternateViews.Add(av);
Now that you have the message prepared you can just send it
SmtpClient client = new SmtpClient("smtphost", 25);
client.UseDefaultCredentials = true;
client.Send(msg);
This is a kind of hack at this time and requires some manual preparation of the entity body
you want to sign. I need to do some more research on this and find out if there is a better way of doing this.
When connecting to Gmail with OpenPop, I can only retrieve an email once, even if I do not delete it. Using GetMessageCount() I always receive 0 emails. How can I get all the emails that are there?
Only after reading them and processing them do I give order to delete. I am using the following code to get the emails:
using (var client = new Pop3Client())
{
// Connect to the server
client.Connect(serverData.Hostname, serverData.Port, serverData.UseSsl);
// Authenticate ourselves towards the server
client.Authenticate(serverData.Username, serverData.Password, AuthenticationMethod.UsernameAndPassword);
var emailAmount = client.GetMessageSizes().Count;
// Fetch all the current uids seen
var msgCount = client.GetMessageCount();
.....
}
Gmail is special. Take a look at this StackOverflow post which explains the non-standard behavior.
What you are interested in, is that Gmail will only show a message in ONE POP3 session, unless you do special stuff, like prepending recent: in front of your username.
Getting only the unread mails is how POP3 is supposed to work. If you want to see and manage older mails, you should use IMAP instead.
The context:
We’re a small company that does not have an Exchange Server (or anyone dedicated to it) yet we still need to have/send emails.
We’ve decided to use Microsoft Online Services (MOS)
The Objective:
We have a web server (Windows Server 2003 R2 with IIS 6.0) and have deployed a C# ASP.Net MCV application.
The web application needs to send emails each time a user creates an account.
According to the documentation we need to use port (587) and make sure Transport Layer Security (TLS) enable. In addition, the FROM address being used must be of type “Authoritative” which it is when I double check via the Microsoft Online Administration Center
The code:
The C# code I have should be trivial and is the following:
SmtpClient server = new SmtpClient("Smtp.mail.microsoftonline.com");
server.Port = 587;
server.EnableSsl = true;
server.Credentials = new System.Net.NetworkCredential("xxx#domain.com", "123abc");
server.UseDefaultCredentials = false;
MailMessage mail = new MailMessage();
mail.From = new MailAddress("xxx#domain.com");
mail.To.Add("johndoe#domain.com");
mail.Subject = "test subject";
mail.Body = "this is my message body";
mail.IsBodyHtml = true;
try
{
server.Send(mail);
}
catch (Exception ex)
{
throw ex;
}
The error:
I’ve created a simple winform application with the above code to test the sending of emails…
I’ve tested the winform application locally on my computer (Windows XP) and on the Server.
In both attempt, I keep receiving the following error message:
The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.1 Client was not authenticated.
After Googling for a while I still haven’t found the reason why…In addition, most of the answers I’ve found are making a reference to the Exchange Management Console which we don’t seem to have (or installed) hence why we are using Microsoft Online Services…
Questions:
1) As a paying customer of MOS, my initial understanding is that I shouldn’t have to install (or have) an Exchange Management Console on our server…in fact, this should be completely irrelevant in order to achieve my task.
2) I’ve also tried enabling TLS inside our IIS 6.0 but to no avail…
3) We are grasping at straws here because what we seem to do looks like something amazingly trivial…
4) Should we simply abandon the idea of using MOS’s SMTP server and use another one? Such as Gmail’s ? If so…then why bother paying a monthly fee for MOS?
If any one has any help/advice that can help me shed some light on this, that would be great!
Sincerely
Vince
WOW…I believe we’ve found the culprit!!!
By commenting this line of code:
//server.UseDefaultCredentials = false;
Everything started to work!
I’m now able to send emails inside and outside our domain…
What puzzles me the most is that, according to the documentation, the default value of this UseDefaultCredentials property is set to false
So…when I manually set it to false it doesn’t work but when I comment the line (which also set’s it to false because of its default value) it works!
If this is a known issue or if anyone has an answer for that, I’d be curious to know!
looking in Reflector on UseDefaultCredentials property, you can see that it also changes the trasnport.Credentials value, so when you called this property with a false value, it changed the transport credentials to null.
the problem is that you called this property after setting the credentials in the line before that,
it nullified the credentials.
so bottom line, you shouldn't set the credentials and call this property afterwise.
you can try this sample
private void Button1_Click(System.Object sender, System.EventArgs e)
{
try
{
MailMessage myMessage = new MailMessage();
SmtpClient myClient = new SmtpClient("yourserver");
myClient.Port = "587";
myClient.Host = "your server";
myClient.UseDefaultCredentials = false;
myClient.Credentials = new System.Net.NetworkCredential("username", "password");
myMessage.From = new MailAddress("sender");
myMessage.To.Add("recipient");
myMessage.Subject = "Subject email";
myMessage.Body = "body email";
myClient.EnableSsl = true;
myClient.Send(myMessage);
}
catch (Exepiton ex)
{
MessageBox.Show(ex.Message.ToString());
}
}
Bye
5.7.1 is not an authentication issue, but a relay issue. In order to prevent anyone from using your server (or account, as the case may be) the smtp server is configured to only allow mail to users outside your domain if it is comming from an authoritive address. Verify that the address you have listed here
mail.From = new MailAddress("xxx#domain.com");
is the same as the one you are authenticating as. Also, make sure that the domain of the address listed is in the authoritive domains list.
What worked for me was what the-dude suggested Send SMTP email using System.Net.Mail via Exchange Online (Office 365) , on changing the email "from" address to be the same as the login for the stmp address
AND
doing what Vince suggested at the end Sending email using Smtp.mail.microsoftonline.com for commenting out "smtpClient.UseDefaultCredentials = false;"
Be sure to double check that your username is correct. It is not necessarily the same as your from email address. For example the from address may be "no-reply#yourdomain.com" but the username could be "mail-svc#yourdomain.onmicrosoft.com" depending no your setup and integration with Azure Active Directory etc.
I have created a community portal, in which user creates his/her account. After successfull registration a confirmation mail is send on registered email address.
I am using the following code to send the mail -
private void SendMail(string recvr, string recvrName, string verCode, int NewUserID)
{
try
{
string emailID = ConfigurationManager.AppSettings["WebMasterMail"];
string mailPass = ConfigurationManager.AppSettings["pass"];
string mailer = ConfigurationManager.AppSettings["mailer"];
MailMessage msg = new MailMessage();
MailAddress addrFrom = new MailAddress(emailID, "Panbeli.in.... Bari community portal");
MailAddress addrTo = new MailAddress(recvr, recvrName);
msg.To.Add(addrTo);
msg.From = addrFrom;
msg.Subject = "You have registered sucessfully on PanBeli.in.";
msg.Priority = MailPriority.High;
msg.Body = RegisterMessageBody(recvrName, verCode,NewUserID);
msg.IsBodyHtml = true;
SmtpClient smtp = new SmtpClient(mailer);
smtp.Credentials = new System.Net.NetworkCredential(emailID, mailPass);
smtp.Send(msg);
}
catch (Exception Ex) { }
}
While testing we found that all the confirmation mails are going to SPAM folder instead of Inbox.
Is there anything wrong with the code or is there anything related to security.
Can anybody suggest solution to this problem.
Thanks for sharing your time.
It sounds like your email is getting flagged by SpamAssassin or the like, so you just need to focus on changing your email enough to not get flagged.
Your content doesn't sound like it has any reason to rate high for the Bayesian score, so I don't think thats the problem. It wouldn't hurt to try removing possible trigger words though.
Your message is marked with high priority. Do you need this? This just adds into one of the scoring metrics in a spam filter. Spam is often marked with high priority, so your message will be treated with more scrutiny. On the otherhand, for some filters marking your message with high priority will mean less scrutiny.
IsBodyHTML is marked true, but you're only providing text/html. You minimally need to include an alternate view with text/plain.
message.IsBodyHtml = true;
string html = RegisterMessageBodyHtml(recvrName, verCode,NewUserID);
string plain = RegisterMessageBodyPlaintext(recvrName, verCode, NewUserID);
message.AlternateViews.Add(AlternateView.CreateAlternateViewFromString(html, new ContentType("text/html"));
message.AlternateViews.Add(AlternateView.CreateAlternateViewFromString(plain, new ContentType("text/plain"));
See how Google treats your message. In gmail, open a test message that you've sent, click the downfacing arrow next to the reply button, and select "Show Original". You'll see how Google treated your message. Look for headers like:
Received-SPF: softfail (google.com: domain of transitioning xxx#xxx.org does not designate xx.xx.xx.xx as permitted sender) client-ip=xx.xx.xx.xx;
Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning xxx#xxx.org does not designate xx.xx.xx.xx as permitted sender)
Read up on the default rule set for SpamAssassin as it will probably be a good reference on the rule sets for most filters. If you can identify why your message is getting flagged, you can fix it.
Emails Marked as Spam
This is not a programming issue unfortunately, but I can understand why you might think it is. The code is sending the emails, and they have been sent as you reported. So this is highly unlikely to be a problem with your code, because it's served it's purpose fully!
Getting around it
It all comes down to the recipients mail client (the software they are using to view the emails with), or the services that process the emails at some sort of gateway, or a combination of both of these!
All of these elements have vastly varied algorithms and metrics for determining if an email is probably spam or not. So a one fit all solution is sadly not possible. Some are intelligent, other less so, some brutally discard a huge % of emails, others operate purely on a 'not on white list, you're not getting in' policy, and then there are those that just let everything come in regardless of content/origin.
The ways to go around fixing this are:
To try and get on white lists for major email providers.
Educate your audience to add the senders email address as a trusted contact.
Check your mail server IP isn't blacklisted by some providers. It's possible your IP address was previously used to send spam.
Experiment with the emails content
Your from address is invalid. Try putting in a real email address that points to a valid mailbox. Preferably this email address is on the same domain as the SMTP server you use to send the mail with. If not, read into SPF http://en.wikipedia.org/wiki/Sender_Policy_Framework
This happen to me to and it's solved now,
I just set the BodyEncoding and SubjectEncoding proprieties on the MailMessage object,
and added the DOCTYPE and the html tags to my email header,
var msg = new MailMessage
{
Subject = subject,
Body = body,
BodyEncoding = System.Text.Encoding.UTF8,
SubjectEncoding = System.Text.Encoding.Default,
IsBodyHtml = true
};
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
It's working perfectly now
Add following line in your code while creating MailMessage
msg.BodyEncoding = System.Text.Encoding.GetEncoding("utf-8");
This happens a lot even for the house hold names. I sympathise with you as you only want a plain text email but if your clients really want those emails and you really want your logo in then they could just white list your domain so that all emails get through!
We use a company called mailchimp for sending out subscriber mails and I questioned them on how to avoid spam filters especially in the context of essentially an advert out to a large group it can be very difficult to avoid them, here is their advice and there is lots of it.;
Avoiding the Spam Filters
For anyone having this problem, it looks like Google mark as spam any mails using the default ASP.NET e-mail authentication subject and body. I.e.:
"Please confirm your account by clicking here."
Changing the text allows the e-mail to pass the spam filter
I have a windows forms application that I am adding a request support form to, and would like the user to be able to input the values and hit a button. Once the button is pushed I can either:
Open a new mail message and auto populate the message. (Not sure how to do this)
Submit the request via a http form on my website. (I know how to do this)
Send an email directly from the code of the application. (I know how to do this)
What I want to know is what would be the best method to use? I think option 1 is the most transparent, and the user will see exactly what is being sent, but I am not sure how to ensure it works no matter what email client they use.
I see there being potential issues with option two, specifically a firewall possibly stopping the submission. But option 2 would allow me to supply them with a ticket number right then and there for their request.
Thanks for the help.
For Option 1, as suggested, use the mailto handler.
Format your string like so: string.Format("mailto:support#example.com?subject={0}&body={1}", subject, body). Don't forget to UrlEncode the subject and body values.
Then use System.Diagnostics.Process.Start() with your string.
This will launch the registered mail handler (Outlook, Windows Live Mail, Thunderbird, etc) on the system.
For option 1 : If the message body is short, then invoking the mailto handler from inside your code no longer requires that they be using outlook. It's kinda a cheap hack, but it's completely cross-platform for local mail clients. (If they're using something like gmail, you're still SOL, though)
Option 2) is the best to avoid enterprise firewall issues because the HTTP port may not be blocked.
Option 2) is the best for simple configuration. The only config key you will have is the service/page url. Then your SMTP configuration will stay on your webserver.
Now you will have to choose between using a webpage (if one already exists) or a webservice (which is best fitted for your feature).
For option (1) be prepared to deal with Outlook version problems. But this is not hard (again if we are talking about Outlook, last version)
//using Microsoft.Office.Interop.Outlook;
private void OutlookMail(string Subject, string Body)
{
ApplicationClass app = new ApplicationClass();
NameSpaceClass ns = (NameSpaceClass)app.GetNamespace("mapi");
ns.Logon("", "", true, true);
MailItem mi =
(MailItem)app.CreateItem(OlItemType.olMailItem);
mi.Subject = Subject;
int EOFPos = Body.IndexOf(char.Parse("\0"));
if (EOFPos != -1)
{
log.Error("EOF found in Mail body");
ErrorDialog ed = new ErrorDialog(TietoEnator.Common.ErrorDialog.ErrorDialog.Style.OK, "Export Error", "File could not be exported correctly, please inform responsible person", "", "EOF char detected in the body of email message.");
ed.ShowDialog();
Body=Body.Replace("\0", "");
}
mi.HTMLBody = "<html><head><META content='text/html; charset=CP1257' http-equiv=Content-Type></head><body><table>"+Body+"</table></body></html>";
mi.BodyFormat = OlBodyFormat.olFormatHTML;//.olFormatPlain;
mi.Display(0); // show it non - modally
ns.Logoff();
}
BTW for automatic support requests I plan to use in my current project "Microsoft Enterprise Logging Support Block" email sending functionality.