Bug: Current DKIM header canonicalization can lead to invalid DKIM

[tadcos]

In DKIMSigner class header Canonicalization is hard coded to SIMPLE (RELAXED should be better, or we could let the user choose). This may lead to Invalid Dkim, see https://wordtothewise.com/2016/12/dkim-canonicalization-or-why-microsoft-breaks-your-mail/

dkimSigner.setHeaderCanonicalization(Canonicalization.SIMPLE);

[bbottema]

Hmm, interesting. I wonder if I should make relaxed the default, assuming most users won't know about this gotcha. Does that make sense? I'm not really into DKIM that much to be able to judge that properly though :/

[tadcos]

Yes, I would suggest to use relaxed as the default, that would avoid invalid dkim in some situations. I also notice that all the advertising mails that I receive use this value. Le jeu. 25 juil. 2019 à 20:50, Benny Bottema <notifications@github.com> a écrit :

…

Hmm, interesting. I wonder if I should make relaxed the default, assuming most users won't know about this gotcha. Does that make sense? I'm not really into DKIM that much to be able to judge that properly though :/ — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#215?email_source=notifications&email_token=ACW2NKLMPXVTIN24IDZG4K3QBHYYRA5CNFSM4IEQYAKKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD22NXXQ#issuecomment-515169246>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACW2NKLP7DBPCEZYOSAASPDQBHYYRANCNFSM4IEQYAKA> .

[bbottema]

Ok, if you feel up to it, I would accept a PR on master. Else I will pick it up in some time.

[bbottema]

@toKrause do you have any strong feelings on this (or safety-warning)?

[bbottema]

Released in 5.3.0. I'll revert it if @toKrause comes up with something.