(DataFlex) Verify DomainKey-Signature Headers in Downloaded Email

Downloads email from an IMAP server and verifies the DomainKey-Signature header(s) in each email, if present.

Note: DKIM-Signatures are much more common than DomainKey-Signatures. See the other Chilkat example for verifying DKIM-Signatures (link in the code below).

Chilkat ActiveX Downloads

ActiveX for 32-bit and 64-bit Windows

Use ChilkatAx-win32.pkg Procedure Test Handle hoImap Boolean iSuccess Handle hoDkim Boolean iBUid Integer iSeqNum Integer j Integer n Handle hoJson Variant vMimeData Handle hoMimeData Integer iNumSigs String sTemp1 // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. Get Create (RefClass(cComChilkatImap)) To hoImap If (Not(IsComObjectCreated(hoImap))) Begin Send CreateComObject of hoImap End // Connect to an IMAP server, login, select mailbox.. // Use TLS Set ComSsl Of hoImap To True Set ComPort Of hoImap To 993 Get ComConnect Of hoImap "imap.someMailServer.com" To iSuccess If (iSuccess = True) Begin Get ComLogin Of hoImap "myLogin" "myPassword" To iSuccess If (iSuccess = True) Begin Get ComSelectMailbox Of hoImap "Inbox" To iSuccess End End If (iSuccess <> True) Begin Get ComLastErrorText Of hoImap To sTemp1 Showln sTemp1 Procedure_Return End // Note: DKIM-Signatures are much more common than DomainKey-Signature // See DKIM-Signature Verify Sample. Get Create (RefClass(cComChilkatDkim)) To hoDkim If (Not(IsComObjectCreated(hoDkim))) Begin Send CreateComObject of hoDkim End // Download a max of 10 emails and verify any DomainKey-Signature headers // that are present. // Download emails by sequence numbers (not UIDs). Move False To iBUid Get ComNumMessages Of hoImap To n If (n > 50) Begin Move 50 To n End Get Create (RefClass(cComChilkatJsonObject)) To hoJson If (Not(IsComObjectCreated(hoJson))) Begin Send CreateComObject of hoJson End Set ComEmitCompact Of hoJson To False // To verify DomainKey-Signature headers, we need the exact unmodified MIME bytes of each email. Get Create (RefClass(cComChilkatBinData)) To hoMimeData If (Not(IsComObjectCreated(hoMimeData))) Begin Send CreateComObject of hoMimeData End Move 1 To iSeqNum While (iSeqNum <= n) // The FetchSingleBd method was introduced in v9.5.0.76 Get pvComObject of hoMimeData to vMimeData Get ComFetchSingleBd Of hoImap iSeqNum iBUid vMimeData To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoImap To sTemp1 Showln sTemp1 Procedure_Return End // Note: DKIM-Signatures are much more common than DomainKey-Signature // See DKIM-Signature Verify Sample. // Get the number of DomainKey-Signature headers. Get pvComObject of hoMimeData to vMimeData Get ComNumDomainKeySigs Of hoDkim vMimeData To iNumSigs // Verify each.. Move 0 To j While (j < iNumSigs) Showln "------ DomainKey Signature " j Get pvComObject of hoMimeData to vMimeData Get ComDomainKeyVerify Of hoDkim j vMimeData To iSuccess If (iSuccess <> True) Begin Showln "Not valid." Get ComLastErrorText Of hoDkim To sTemp1 Showln sTemp1 End Else Begin Showln "valid." End // Show the additional information about the signature verification Get ComVerifyInfo Of hoDkim To sTemp1 Get ComLoad Of hoJson sTemp1 To iSuccess Get ComEmit Of hoJson To sTemp1 Showln sTemp1 // The JSON contains information such as this: // { // "domain": "amazonses.com", // "selector": "7v7vs6w47njt4pimodk5mmttbegzsi6n", // "publicKey": "MIGfMA0GCSqG...v2GvWPqGHz6uqeQIDAQAB", // "canonicalization": "relaxed/simple", // "algorithm": "rsa-sha256", // "signedHeaders": "Subject:From:To:Date:Mime-Version:Content-Type:References:Message-Id:Feedback-ID", // "verified": "yes" // } Move (j + 1) To j Loop Move (iSeqNum + 1) To iSeqNum Loop Get ComDisconnect Of hoImap To iSuccess End_Procedure