Bug: Current DKIM header canonicalization can lead to invalid DKIM
tadcos opened this issue · comments
In DKIMSigner class header Canonicalization is hard coded to SIMPLE (RELAXED should be better, or we could let the user choose). This may lead to Invalid Dkim, see https://wordtothewise.com/2016/12/dkim-canonicalization-or-why-microsoft-breaks-your-mail/
dkimSigner.setHeaderCanonicalization(Canonicalization.SIMPLE);
Hmm, interesting. I wonder if I should make relaxed the default, assuming most users won't know about this gotcha. Does that make sense? I'm not really into DKIM that much to be able to judge that properly though :/
Ok, if you feel up to it, I would accept a PR on master. Else I will pick it up in some time.
@toKrause do you have any strong feelings on this (or safety-warning)?
Released in 5.3.0. I'll revert it if @toKrause comes up with something.