DKIM Body Hash Errors: Causes and Fixes
Learn why DKIM body hash verification fails, what causes 'body hash did not verify' errors, and how to fix them. Covers canonicalization, message modification, and troubleshooting steps.
Last updated: 2026-02-06
"Body hash did not verify" is one of the most common DKIM failures. It means the email body changed after the sending server signed it. The receiving server hashed the body it received, compared it to the bh= value in the DKIM-Signature header, and the two didn't match.
This article explains exactly what body hash verification is, why it fails, and how to fix it.
What Is the Body Hash?
When a sending server signs an email with DKIM, it computes a hash (digest) of the message body and stores it in the bh= tag of the DKIM-Signature header:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=example.com; s=selector1;
h=from:to:subject:date;
bh=2jUSOH9NhtVGCQWNr9BrIAPreKQjO6Sn7XIkfJVOzv8=;
b=...
The bh= value is a Base64-encoded SHA-256 hash of the canonicalized message body. When the receiving server gets the email, it:
- Canonicalizes the body using the method specified in
c= - Hashes the result with the algorithm from
a=(typically SHA-256) - Compares its computed hash to the
bh=value
If they don't match, you get: body hash did not verify.
The body hash check happens before the full signature verification. If the body hash fails, the entire DKIM check fails — the receiver won't even attempt to verify the b= signature.
Why Body Hash Verification Fails
The root cause is always the same: the body the receiver sees is different from the body the sender signed. Here are the most common reasons.
1. Mailing List Footer Additions
Mailing list software (Mailman, Google Groups, LISTSERV) commonly appends footers like unsubscribe links to every message. This changes the body after the original sender signed it.
Example:
--- Original signed body ---
Hello team, please review the attached proposal.
--- Footer added by mailing list ---
--
To unsubscribe, visit: https://lists.example.com/unsubscribe
The appended footer changes the body hash. This is the single most common cause of body hash failures.
2. Email Forwarding with Modifications
Forwarding services may alter the message body by:
- Adding forwarding notices ("Forwarded message from...")
- Wrapping the original content in a new MIME structure
- Converting plain text to HTML or vice versa
3. Antivirus and Security Gateway Modifications
Corporate email security appliances and antivirus scanners may:
- Append virus scan results ("This email was scanned by...")
- Strip or modify attachments
- Rewrite URLs for safe link checking
- Add disclaimer banners
4. Encoding Changes
Intermediate mail servers may change the content transfer encoding:
- Converting
quoted-printabletobase64or7bit - Changing line endings from
\r\nto\nor vice versa - Re-encoding character sets
5. HTML Sanitization
Some relay servers clean up HTML content by:
- Removing
<script>tags - Stripping inline styles
- Rewriting
<img>URLs - Normalizing HTML structure
6. Content-Length Truncation
Some mail servers enforce body size limits. If the body is truncated after signing, the hash will not match.
Any system that touches the message body between the signing server and the receiving server can cause a body hash mismatch. This includes spam filters, DLP systems, email gateways, and virus scanners.
How Canonicalization Affects Body Hash
The c= tag in the DKIM-Signature header specifies how the body is normalized before hashing. The body canonicalization mode (the value after the slash) directly impacts body hash resilience.
Simple body canonicalization (c=.../simple):
- Only ignores trailing empty lines at the end of the body
- All other content must be byte-for-byte identical
- Very fragile — even a single added space will break the hash
Relaxed body canonicalization (c=.../relaxed):
- Reduces sequences of whitespace to a single space
- Removes trailing whitespace from each line
- Ignores trailing empty lines at the end of the body
- More tolerant of minor transit modifications
| Modification Type | Simple Body | Relaxed Body |
|---|---|---|
| Trailing whitespace added to lines | Fails | Survives |
| Extra blank lines at end of body | Survives | Survives |
| Whitespace sequences changed | Fails | Survives |
| Footer appended | Fails | Fails |
| HTML rewritten | Fails | Fails |
| Encoding changed | Fails | Fails |
Relaxed canonicalization helps with whitespace issues but cannot save you from content additions, encoding changes, or structural modifications.
Generate DKIM keys with relaxed canonicalization
Create key pairs configured for maximum compatibility.
How to Diagnose Body Hash Errors
Check the Authentication-Results header
Look at the email headers on the receiving side. The Authentication-Results header will show the DKIM result. Look for body hash did not verify or bh mismatch.
Authentication-Results: mx.google.com;
dkim=fail (body hash did not verify) header.d=example.com header.s=selector1
Identify the canonicalization mode
Look at the c= tag in the DKIM-Signature header. If it's simple/simple, switching to relaxed/relaxed may resolve whitespace-related issues.
Compare the message body at sending and receiving
Send a test email to an account where you can view the raw source. Compare the raw body between what was sent and what was received. Look for added footers, encoding changes, or HTML modifications.
Check for intermediate systems
Map the email path using the Received: headers. Identify every server the message passed through. Any of them could be modifying the body.
Test with a simple plain-text email
Send a minimal plain-text email with no attachments. If this passes DKIM but complex emails fail, the issue is likely with how a specific content type is being modified in transit.
Check for known modifiers
Common culprits:
- Mailing list software (check list settings for footer/header injection)
- Corporate email gateways (Proofpoint, Mimecast, Barracuda)
- Antivirus scanners (ClamAV, Sophos)
- DLP (Data Loss Prevention) systems
How to Fix Body Hash Errors
Switch to Relaxed Canonicalization
If you're using simple body canonicalization, switch to relaxed:
# Before
c=simple/simple
# After
c=relaxed/relaxed
This won't fix content additions, but it will eliminate failures caused by whitespace changes.
Disable Body Modifications in Transit
If a security gateway or mailing list is modifying the body:
- Mailing lists: Configure the list to not add footers, or add them as separate MIME parts (some list software supports this)
- Security gateways: Configure them to operate on messages before DKIM signing, not after
- Antivirus disclaimers: Move disclaimer injection to the sending server, before DKIM signing occurs
Implement ARC (Authenticated Received Chain)
ARC preserves the original authentication results across forwarding hops. When a trusted intermediary modifies a message, it can add ARC headers that allow the final receiver to trust the original DKIM signature even though the body changed.
ARC is supported by Gmail, Microsoft, and other major providers.
Use the l= Tag Carefully
The l= (body length) tag limits how many bytes of the body are signed. In theory, content added after the signed portion wouldn't break the hash. In practice:
The l= tag is a security risk. It allows an attacker to append arbitrary content to a signed email. Most security experts advise against using it. DMARC evaluators may treat signatures with l= as less trustworthy.
Reorder Your Email Pipeline
If possible, arrange your mail flow so that DKIM signing happens last, after all modifications:
Compose → Security scan → Disclaimer added → DKIM sign → Send
Not:
Compose → DKIM sign → Security scan → Disclaimer added → Send
Special Case: Empty Body
An email with an empty body has a known, fixed body hash. For SHA-256, the hash of an empty body (after canonicalization) is:
bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
If you see this value in bh= but the received message has content in the body, something added content after signing.
Special Case: MIME Multipart Messages
MIME multipart emails (with attachments or HTML+text alternatives) are particularly vulnerable to body hash failures because:
- Boundary strings must remain identical
- MIME part ordering must be preserved
- Each part's encoding must be unchanged
If your emails include attachments and body hash fails, check whether intermediate systems are reorganizing MIME parts or re-encoding attachments.
Related Articles
Generating proper DKIM keys is the first step to reliable email authentication.
Generate DKIM keys with best-practice settings
Create 2048-bit RSA key pairs optimized for maximum deliverability. Free, instant, and browser-based.
Generate DKIM Keys