How to forward email body without any change

Question

Need to Forward raw Email without any change

Working on an email forwarding script and implementing SRS with keeping DKIM intact (for DMARC).

I have Laravel application piped to postfix and presently using phpemailmimeparser with mailable.

The problem is dkim signature breaks when I take the email body from phpemailmimeparser and put it into swift_mailer to mailable than queue it.

Problems encountered are as follows :

• Boundary value changes (which I can get from header and re-apply in swift_mailer)
• It's adding an additional line before and after boundary.
• Additional lines after HTML type body message

But issue seems to be much bigger, as there are valid emails that can have only text, html or can be even without boundary values.

Similar issues can occur with attachments/embedded things as well.

Any minor changes including an additional line break, cause dkim body hash to fail.

I can get headers to match, but making body hash match every time doesn't seem possible upon rebuilding email.

At this point it feels like I should somehow pass the complete raw email itself to forwarded address. I have access to complete raw email via postfix pipe, Not sure how to forward raw email though.

All I want is to change the envelope / return path to SRS value and keep rest of the email as it is.

At this point I am open to using any php-based library or solution, that can allow me to modify envelope and queue it back to postfix to forward.

Update

Only way I am able to make it work till now is via fsockopen+telnet+smtp and pass complete raw file.

Hopefully, someone can suggest me a better solution than that, as flurry of socket connections can have it's own issues.

Attempted with php mail, but it cannot mask to field which is required for forwarding.

Answer 1

Finally ended up using PHPmailer. Modified it to pass raw text as body and header over smtp protocol.

Under the hood it's using socket client and fsock, but at least I have a clean wrapper to handle things at my code.

DKIM occasionally fails still, but that has got to do with encoding issues here and there.

Answer 2

I would setup an own DKIM setup and just use normal forwarding, then the DKIM keys come are from your own server which should provide the reputation.

Dkim is made to prevent server spoofing, so you can not send an email from another server except where the keys are configured..

There is IMHO no other solution imho than passing the raw file on a socket.