Send signed email using S/MIME

In this article we’ll show how to digitally sign email message and send it using Mail.dll email component. You’ll need to use S/MIME (sometimes called SMIME) standard to sign email.

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of any MIME data including email messages.

S/MIME was originally developed by RSA Data Security. Specification uses Cryptographic Message Syntax (CMS), an IETF specification that is identical in most respects with PKCS #7.

S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity, non-repudiation of origin (using digital signatures), privacy and data security (using encryption).

S/MIME signatures are usually done with what’s called “detached signatures”. The signature information is separate from the text being signed. The MIME type for such signed data is multipart/signed with the second part having a MIME subtype of application/(x-)pkcs7-signature. Mail.dll uses application/x-pkcs7-signature MIME entity to store S/MIME detached signatures.

Signing using MailBuilder

// C# version

MailBuilder b = new MailBuilder();
b.From.Add(new MailBox("mail@in_the_certificate.com", "Alice"));
b.To.Add(new MailBox("bob@mail.com", "Bob"));
b.Subject = "Test";
b.Html =                            // Set HTML body
    "This is <strong>signed</strong> message, " +
    "with embedded image:<br />" +
    "<img src = 'cid:image1' />.";

// Read attachment from disk...and add it to Visuals collection
MimeData image = b.AddVisual(@"c:\image.jpg");
image.ContentId = "image1";

b.SignWith(new X509Certificate2("TestCertificate.pfx", ""));

IMail email = b.Create();
' VB.NET

Dim b As New MailBuilder()
b.From.Add(New MailBox("mail@in_the_certificate.com", "Alice"))
b.[To].Add(New MailBox("bob@mail.com", "Bob"))
b.Subject = "Test"

' Set HTML body
b.Html = "This is <strong>signed</strong> message, " _
   + "with embedded image:<br />" _
   + "<img src = 'cid:image1' />."

' Read attachment from disk...and add it to Visuals collection
Dim image As MimeData = b.AddVisual("c:\image.jpg")
image.ContentId = "image1"

b.SignWith(New X509Certificate2("TestCertificate.pfx", ""))

Dim email As IMail = b.Create()

Signing using fluent interface

// C# version

IMail email = Mail
    .Html(@"<html><body>This is <strong>signed</strong> message with image <img src = 'cid:image1' /></body></html>")
    .Subject("Test")
    .From(new MailBox("mail@in_the_certificate.com", "Alice"))
    .To(new MailBox("bob@mail.com", "Bob"))
    .AddVisual(@"c:\image.jpg")
    .SetContentId("image1")
    .SignWith(new X509Certificate2("TestCertificate.pfx", ""))
    .Create();
' VB.NET

Dim email As IMail = Mail _
    .Html("<html><body>This is <strong>signed</strong> message with image <img src = 'cid:image1' /></body></html>") _
    .Subject("Test") _
    .From(New MailBox("mail@in_the_certificate.com", "Alice")) _
    .[To](New MailBox("bob@mail.com", "Bob")) _
    .AddVisual(@"c:\image.jpg") _
    .SetContentId("image1") _
    .SignWith(New X509Certificate2("TestCertificate.pfx", "")) _
    .Create()

Create test certificate

You can use following commands in VisualStudio Command Prompt to create test certificate:

makecert.exe -pe -r -sv Test_Keys.pvk -n "CN=John Doe,E=email@in-the-certificate.com" -sky exchange Test.cer

pvk2pfx.exe -pvk Test_Keys.pvk -spc Test.cer -pfx Test.pfx

If you use CER or PEM files you can find more information in this article:
Importing private/public keys or certificates in PEM, CER formats.

Sending signed email using SMTP

Now we can connect to SMTP server and send the email we recently created:

// C#

using (Smtp client = new Smtp())
{
    client.Connect("smtp.example.com"); // or ConnectSSL
    client.UseBestLogin("user", "password");
    client.SendMessage(email);
    client.Close();
}
' VB.NET

Using client As New Smtp()
	client.Connect("smtp.example.com") ' or ConnectSSL
	client.UseBestLogin("user", "password")
	client.SendMessage(email)
	client.Close()
End Using

By default Mail.dll uses SHA-1 alghoritm for signing. You can change this setting and choose different signature and encryption algorithm while sending S/MIME encrypted email message.

Tags: , , , ,

One Response to “Send signed email using S/MIME”

  1. Send signed email receive encrypted Says:

    […] How to send signed email. […]

Questions?

Consider using our Q&A forum for asking any questions.