DKIM signing is broken

K

Kirby

Well-known member
Affected version
2.3.7
XenForo currently generates the DKIM signature in \XF\Mail\Mail::setFinalHeaders().

This was fine in XenForo 2.2, but in XenForo 2.3 the email is basically rebuild in \XF\Mail\Mailer::send():

PHP: 
$email = MessageConverter::toEmail($email);

This modifies the body as new MIME boundaries are generated which obviosuly invalidates the previously generated body hash.

Suggested Fix
Generate the DKIM signature immediately before actually sending the email, this ensures that DKIM signing is done as the last step before sending.
The attached patch implements this and seems to work fine.
 

Attachments

Last edited:
I've revised the patch, so here comes v2.

v1 basically just moved the signing code from \XF\Mail\Mail::setFinalHeaders() to \XF\Mail\Mailer::send() and left an unused use statement in XF\Mail\Mail.

While this seems to work fine, it's kinda inefficient:
The original code created a signer instance for every single mail.

v2 changes this by creating the signer just once in the constructor, according to my completely unscientific tests this seems to be significantly faster when sending a bunch of emails and shouldn't have a negative effect on single emails.
 

Attachments

Similar threads

K
Fixed DKIM signing causes serious performance issue when sending emails
Replies
4
Views
1K
XF Bug Bot
XF Bug Bot
iaresee
Fixed How often does the VerifyEmailDkim job run?
Replies
9
Views
1K
iaresee
iaresee
digitalpoint
  • Suggestion Suggestion
Implemented Signing of outgoing emails with DKIM
Replies
5
Views
15K
Chris D
Chris D
J
  • Question Question
XF 2.2 DKIM showing valid on MXToolBox but not on GMAIL & Xenforo
Replies
9
Views
1K
TPerry
TPerry
CMTV
Fixed CodeMirror PHP mode is broken in ACP
Replies
1
Views
2K
Chris D
Chris D
Back
Top Bottom