Send signed email using S/MIME
In this article we’ll show how to digitally sign an email message and send it using the Mail.dll email component. You’ll need to use the S/MIME (sometimes called SMIME) standard to sign email.
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of any MIME data including email messages.
S/MIME was originally developed by RSA Data Security. The specification uses Cryptographic Message Syntax (CMS), an IETF specification that is identical in most respects to PKCS #7.
S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity, non-repudiation of origin (using digital signatures), privacy and data security (using encryption).
S/MIME signatures are usually created as what’s called “detached signatures”: the signature information is separate from the text being signed. The MIME type for such signed data is multipart/signed, with the second part having a MIME subtype of application/(x-)pkcs7-signature. Mail.dll uses an application/x-pkcs7-signature MIME entity to store S/MIME detached signatures.
Signing using MailBuilder
// C# version
MailBuilder b = new MailBuilder();
b.From.Add(new MailBox("mail@in_the_certificate.com", "Alice"));
b.To.Add(new MailBox("bob@mail.com", "Bob"));
b.Subject = "Test";
// Set HTML body
b.Html =
    "This is <strong>signed</strong> message, " +
    "with embedded image:<br />" +
    "<img src = 'cid:image1' />.";
// Read attachment from disk...and add it to Visuals collection
MimeData image = b.AddVisual(@"c:\image.jpg");
image.ContentId = "image1";
b.SignWith(new X509Certificate2("TestCertificate.pfx", ""));
IMail email = b.Create();
' VB.NET
Dim b As New MailBuilder()
b.From.Add(New MailBox("mail@in_the_certificate.com", "Alice"))
b.[To].Add(New MailBox("bob@mail.com", "Bob"))
b.Subject = "Test"
' Set HTML body
b.Html = "This is <strong>signed</strong> message, " _
+ "with embedded image:<br />" _
+ "<img src = 'cid:image1' />."
' Read attachment from disk...and add it to Visuals collection
Dim image As MimeData = b.AddVisual("c:\image.jpg")
image.ContentId = "image1"
b.SignWith(New X509Certificate2("TestCertificate.pfx", ""))
Dim email As IMail = b.Create()
Signing using fluent interface
// C# version
IMail email = Mail
    .Html(@"<html><body>This is <strong>signed</strong> message with image <img src = 'cid:image1' /></body></html>")
    .Subject("Test")
    .From(new MailBox("mail@in_the_certificate.com", "Alice"))
    .To(new MailBox("bob@mail.com", "Bob"))
    .AddVisual(@"c:\image.jpg")
    .SetContentId("image1")
    .SignWith(new X509Certificate2("TestCertificate.pfx", ""))
    .Create();
' VB.NET
Dim email As IMail = Mail _
    .Html("<html><body>This is <strong>signed</strong> message with image <img src = 'cid:image1' /></body></html>") _
    .Subject("Test") _
    .From(New MailBox("mail@in_the_certificate.com", "Alice")) _
    .[To](New MailBox("bob@mail.com", "Bob")) _
    .AddVisual("c:\image.jpg") _
    .SetContentId("image1") _
    .SignWith(New X509Certificate2("TestCertificate.pfx", "")) _
    .Create()
Create test certificate
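You can use the following commands in the Visual Studio Command Prompt to create a test certificate. Note that they produce Test.pfx, while the code samples above load TestCertificate.pfx, so pass the name of the file you actually created: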
makecert.exe -pe -r -sv Test_Keys.pvk -n "CN=John Doe,E=email@in-the-certificate.com" -sky exchange Test.cer
pvk2pfx.exe -pvk Test_Keys.pvk -spc Test.cer -pfx Test.pfx
Importing private/public keys or certificates in PEM, CER formats.
Sending signed email using SMTP
Now we can connect to the SMTP server and send the email we have just created:
// C#
using (Smtp client = new Smtp())
{
    client.Connect("smtp.example.com"); // or ConnectSSL
    client.UseBestLogin("user", "password");
    client.SendMessage(email);
    client.Close();
}
' VB.NET
Using client As New Smtp()
    client.Connect("smtp.example.com") ' or ConnectSSL
    client.UseBestLogin("user", "password")
    client.SendMessage(email)
    client.Close()
End Using
By default Mail.dll uses the SHA-1 algorithm for signing. You can change this setting and choose a different signature and encryption algorithm when sending an S/MIME encrypted email message.
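The multipart/signed layout described earlier and the SHA-1 default can both be checked on the receiving side. The Python sketch below is an added example, not Mail.dll code or output: it parses a constructed sample message, confirms the detached-signature structure, and flags a weak digest named in the micalg parameter (defined for multipart/signed in RFC 1847). The function name, the sample message and its placeholder signature are assumptions, and the check is structural only; it does not verify the CMS signature.

```python
from email import message_from_string

# Constructed sample (not captured Mail.dll output): a detached-signature message.
# The base64 body of the second part is a placeholder, not a real CMS structure.
SAMPLE = """\
From: Alice <mail@in_the_certificate.com>
To: Bob <bob@mail.com>
Subject: Test
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
 micalg=sha1; boundary="b1"

--b1
Content-Type: text/html; charset=utf-8

This is <strong>signed</strong> message.
--b1
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

UExBQ0VIT0xERVI=
--b1--
"""

SIG_TYPES = {"application/pkcs7-signature", "application/x-pkcs7-signature"}
WEAK_MICALG = {"md5", "sha1", "sha-1", "rsa-md5", "rsa-sha1"}


def inspect_detached_signature(raw):
    """Hypothetical helper: return (findings, micalg) for a raw message."""
    msg = message_from_string(raw)
    if msg.get_content_type() != "multipart/signed" or not msg.is_multipart():
        return ["not a multipart/signed message"], None
    protocol = (msg.get_param("protocol") or "").lower()
    micalg = (msg.get_param("micalg") or "").lower()
    parts = msg.get_payload()
    findings = []
    if protocol not in SIG_TYPES:
        findings.append("unexpected protocol: " + protocol)
    if len(parts) != 2:
        findings.append("expected 2 parts, found %d" % len(parts))
    elif parts[1].get_content_type() != protocol:
        findings.append("second part is not the declared signature type")
    if not micalg:
        findings.append("micalg missing")
    elif set(micalg.split(",")) & WEAK_MICALG:
        findings.append("weak digest: " + micalg)
    return findings, micalg
```

An empty findings list means the message has the expected two-part detached layout and declares a digest outside the weak set; the signature itself still has to be validated with a CMS library.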