API DOCSEmail API & Cloud SMTPPricingBlog

Impact of Content Encoding on DKIM Authentication

DKIM (DomainKeys Identified Mail) is an authentication mechanism that allows receiving mail servers to verify whether a message has been modified in transit and whether it truly originates from the declared sender.

A properly configured DKIM setup is one of the key factors influencing email deliverability and how messages are classified by mailbox providers.

DKIM Verification Errors (Body Hash Error)

In some cases, even with a correctly implemented DKIM record in DNS, you may encounter the following errors indicating integrity issues:

dkim=fail (body has been altered) or dkim=fail (body hash did not verify)

One of the most common causes of these issues is an inappropriate Content-Transfer-Encoding header.

Issues with 8bit and 7bit Encoding

Common but not recommended configurations for HTML emails:

  • Content-Transfer-Encoding: 8bit

  • Content-Transfer-Encoding: 7bit

The 8bit Encoding is not recommended for HTML emails, as it doesn’t guarantee that the message body will remain unchanged as the email passes through multiple mail servers (MTAs). In practice, this can lead to:

  • Alteration of diacritical characters,

  • Modification of whitespace (spaces, tabs),

  • Automatic character conversions performed by intermediary servers.

Even the smallest change to the message body causes the DKIM body hash (checksum) to no longer match, resulting in the DKIM signature being marked as invalid (fail).

Recommended Configuration: Quoted-Printable

The recommended and most reliable configuration, especially for HTML emails, is:

Content-Transfer-Encoding: quoted-printable

The quoted-printable encoding (or base64) is considered "transport-safe" because it:

  • Preserves message body integrity regardless of intermediary servers.

  • Eliminates the risk of character modifications during transmission.

  • Is fully compatible with DKIM validation.

  • Is recommended by modern email sending platforms.

With this encoding, the DKIM-signed content reaches the recipient unchanged, and DKIM verification completes with a dkim=pass result.

Summary and Best Practices

  • Use Quoted-Printable: Always use Content-Transfer-Encoding: quoted-printable for both text and HTML emails and avoid 8bit encoding, especially for bulk or automated sends.

  • Verify Libraries: If you use custom mailing libraries (e.g., PHPMailer), ensure they are up to date and correctly handle content encoding.

  • Diagnostics: When troubleshooting body hash did not verify failures, first inspect the message headers and content encoding – this is often the fastest way to identify and resolve DKIM validation issues.

PreviousTechnical Aspects of Emails and IntegrationNextEmail Marketing

Last updated