Skip to content
This repository has been archived by the owner on Dec 17, 2021. It is now read-only.

Latest commit

 

History

History
74 lines (54 loc) · 2.75 KB

README.md

File metadata and controls

74 lines (54 loc) · 2.75 KB
Raw

Spring Boot DKIM JavaMail

❗ Development of version 2.x has been moved to V1ncNet/mail-extensions-spring-boot. This repo is no longer active.

This project provides an easy way to digitally sign your emails. Therefore, this project uses the java-utils-mail-dkim library from Markenwerk and extends Spring's JavaMailSender to sign MIME messages before they were transported to the SMTP server. To verify the signed parts of the email you must configure your DNS. This authentication method is called DKIM (DomainKeys Identified Mail).

Usage

Include the spring-boot-starter-dkim-javamail dependency in your pom.xml and adjust your application.properties or application.yml as described in Configuration.

The starter, as well as the other artifacts are hosted in the Maven Central Repository. You can use it with the following coordinates:

<dependency>
    <groupId>de.vinado.boot</groupId>
    <artifactId>spring-boot-starter-dkim-javamail</artifactId>
    <version>1.2.2</version>
</dependency>

Version v1.0.0 is still available in the JitPack repository.

Setup

Due to the Spring Boot Start, there is no coding required to include the project. Still, there are a few things that are required for emails to be signed and verified. Read the developer documentation in the signer-library for complete setup instructions on how to create an RSA keypair and properly configure DNS.

Configuration

The starter uses auto configuration to avoid Java-based adjustments. The mandatory configuration looks like this:

dkim.signing-domain=domain.tld
dkim.selector=default
dkim.private-key=file:/path/to/your/private.key.der
#dkim.private-key=classpath:/path/to/your/private.key.der
#dkim.private-key=/path/to/your/private.key.der

The example assumes your TXT record uses the domain default._domainkey.domain.tld. The following example contains optional properties which configures the DKIM signer itself:

dkim.signer.identity=
dkim.signer.header-canonicalization=SIMPLE
dkim.signer.body-canonicalization=RELAXED
dkim.signer.signing-algorithm=SHA256_WITH_RSA
dkim.signer.length-param=true
dkim.signer.copy-header-fields=false
dkim.signer.check-domain-key=true

To learn more about the identity and canonicalization read the specification about DKIM.

Licence

Apache License 2.0 - Vinado - Built with ❤️ in Dresden