DKIM签名失败，正文哈希未验证Mimekit 1.10.1.0和Mailkit 1.10.2.0

Question

I see a strange problem while DKIM signing the headers with Mailkit & Mimekit, Gmail reports the error "dkim=neutral (body hash did not verify)".

Am I doing something wrong here?.Please find my code below and screenshots of the actual received mail attached.

        string ReturnName = "DMC12";
        string FromDomain = "backtothefuture.net";
        string FromEmail = "marty@" + FromDomain;
        string FromName = "Marty McFly";
        string SenderName = "Marty McFly";
        string ToEmail = "George.mcfly.1960@gmail.com";
        string MailServer = "DMC12.large.timemachine.com";
        string TextBody = @"If you put your mind to it, you can accomplish anything. One other thing. If you guys ever have kids, and one of them, when he's eight years old, accidentally sets fire to the living room rug... go easy on him!";
        string HtmlBody = string.Format(@"<b>如果你把你的头脑，它可以完成任何事情。 另一件事。 如果你们有孩子，其中一个，当他八岁时，不小心把火烧在客厅地毯上...去容易对他！</b>");
        string Subject  = "Message from Marty (1960)!";
        string ToName = "George McFly";
        string DKIMdomain = FromDomain;
        string DKIMSigner = "btfreturns.com";         
        string ReturnEmail = "DocBrown@" + MailServer;
        string SenderEmail = "marty@" + MailServer;
        string privatekey = System.IO.File.ReadAllText("dkim.private.key");
        var client = new SmtpClient(new ProtocolLogger("smtp.txt")); // logging SMTP connections

            try
            {
                client.Connect(MailServer, 25);
            }
            catch (SmtpCommandException ex)
            {
                Console.WriteLine("Error trying to connect: {0}", ex.Message);
                Console.WriteLine("\tStatusCode: {0}", ex.StatusCode);
                return;
            }
            catch (SmtpProtocolException ex)
            {
                Console.WriteLine("Protocol error while trying to connect: {0}", ex.Message);
                return;
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.Message);
                return;
            }   

            client.LocalDomain = MailServer;

            var message = new MimeMessage();
            MailboxAddress RecepientAddress = new MailboxAddress(ToName, ToEmail);

            message.From.Add(new MailboxAddress(FromName, FromEmail)); // From Address
            var builder = new BodyBuilder();

            builder.TextBody = TextBody;
            builder.HtmlBody = HtmlBody;

            List<MailboxAddress> To = new List<MailboxAddress>();
            To.Add(RecepientAddress);

            message.Subject = Subject;
            message.Body = builder.ToMessageBody();
            message.Sender = new MailboxAddress(SenderName, SenderEmail);  // Sender Address
            message.To.Add(RecepientAddress);       
            message.MessageId = Guid.NewGuid().ToString("N") + "@" + new System.Net.Mail.MailAddress(message.Sender.Address).Host;


                using (Stream s = (new MemoryStream(Encoding.UTF8.GetBytes(privatekey ?? ""))))
                {
                    var headersToSign = new[] { HeaderId.From, HeaderId.To, HeaderId.Subject, HeaderId.Date, HeaderId.MessageId };
                    var signer = new DkimSigner(s, DKIMdomain, DKIMSigner);
                    signer.SignatureAlgorithm = DkimSignatureAlgorithm.RsaSha1;
                    message.Sign(signer, headersToSign, DkimCanonicalizationAlgorithm.Relaxed, DkimCanonicalizationAlgorithm.Relaxed);
                }


                client.Send(message, new MailboxAddress(ReturnName, ReturnEmail), To);              
                client.Disconnect(true);
                client.Connect(MailServer, 25);
                client.Dispose();

Answer 1

The problem is that you are not calling message.Prepare() before DKIM signing the message. This is a very important step because it forces all of the MIME parts of the message body into an appropriate encoding to be used for transport.

Note that if you do not call Prepare() with an appropriate encoding constraint value, the SmtpClient.Send() method will end up doing that after you've DKIM signed the message, thus invalidating the signature.

My suggestion is to use EncodingConstraint.SevenBit for maximum interoperability.

However, if you are confidant that your SMTP server and all other SMTP servers that your message will transfer through support the 8BITMIME extension, then you can try using EncodingConstraint.EightBit instead.