String name
String description
ContentTransferEncoding contentTransferEncoding
boolean ignoreDefaults
boolean ignoreOverrides
Set<E> propertiesNotToApplyDefaultValueFor
Set<E> propertiesNotToApplyOverrideValueFor
String id
Recipient fromRecipient
EmailPopulatingBuilder.from(Recipient)List<E> replyToRecipients
Recipient bounceToRecipient
String text
String textHTML
CalendarMethod calendarMethod
String textCalendar
ContentTransferEncoding contentTransferEncoding
String subject
List<E> recipients
List<E> embeddedImages
List<E> attachments
List<E> decryptedAttachments
Email.attachments,
but with any S/MIME signed attachments decrypted.Map<K,V> headers
Boolean useDispositionNotificationTo
Recipient dispositionNotificationTo
Boolean useReturnReceiptTo
Recipient returnReceiptTo
List<E> overrideReceivers
DkimConfig dkimConfig
SmimeEncryptionConfig smimeEncryptionConfig
Email smimeSignedEmail
OriginalSmimeDetails originalSmimeDetails
boolean wasMergedWithSmimeSignedMessage
Date sentDate
byte[] dkimPrivateKeyData
String dkimSigningDomain
String dkimSelector
Boolean useLengthParam
Default Value: null (indicating that the default behavior is determined by the library, which typically excludes the l= parameter).
Warning: Exercise caution when enabling this parameter. Its inclusion can enhance robustness in scenarios where emails undergo legitimate alterations after sending (such as the addition of footers by mailing lists). However, it also poses security risks by allowing attackers to append malicious content to the message without compromising the integrity of the DKIM signature. It is advisable to disable this option (set to false) unless a specific scenario necessitates its use.
Set<E> excludedHeadersFromDkimDefaultSigningList
DkimConfig.Canonicalization headerCanonicalization
Available Values:
- SIMPLE: Applies minimal canonicalization, aiming to preserve the original form of headers as closely as possible.
-
RELAXED: Implements a more forgiving canonicalization, accommodating minor alterations in whitespace and case sensitivity.
Default Value: RELAXED
NOTE: The choice between SIMPLE and RELAXED can impact the success rate of DKIM verification across different mail servers. The RELAXED option tends to normalize minor discrepancies in headers, offering broader compatibility.
DkimConfig.Canonicalization bodyCanonicalization
DkimConfig.headerCanonicalization. It dictates the
standardization process for the body content before signing.String signingAlgorithm
Default Value: SHA256withRSA, which balances robust security with good performance and is broadly supported across platforms.
Supported Signature Algorithms:
- SHA256_WITH_RSA (Recommended)
- SHA1_WITH_RSA
- SHA256_WITH_ED25519
NOTE: The rsa-sha256 algorithm (or another algorithm offering similar security) is strongly recommended. Weaker algorithms, such as rsa-sha1, are no longer deemed secure against contemporary cryptographic threats.
X509Certificate x509Certificate
String keyEncapsulationAlgorithm
Default Algorithm: RSA. Selected for broad compatibility and historical reasons, RSA without OAEP padding is the default. However, for enhanced security, it's recommended to use RSA with OAEP padding and SHA-256 or higher.
Recommended Algorithms: The use of RSA with OAEP padding is advised due to its improved security properties over plain RSA. Algorithms with SHA-256 or higher offer a stronger level of security and are recommended for most applications:
Refer to org.simplejavamail.utils.mail.smime.KeyEncapsulationAlgorithm for the most current
list of supported algorithms.
Note: While the default RSA is widely compatible, the move towards RSA with OAEP padding is encouraged to ensure a higher level of security against modern cryptographic attacks. The choice of SHA-256 or higher as the hashing algorithm for OAEP provides a good balance between security and performance.
String cipherAlgorithm
Default Algorithm: DES_EDE3_CBC. While this is provided for broad compatibility, it's recommended to use AES-based algorithms for enhanced security.
Recommended Encryption Algorithms: The following list focuses on secure and commonly
used algorithms for S/MIME encryption. Note that AES is preferred due to its strong security features and
performance efficiency. For a complete and updated list, consult the Bouncy Castle documentation. For a complete
list of supported algorithms, refer to the Bouncy Castle's see org.bouncycastle.cms.CMSAlgorithm class.
Note: While DES_EDE3_CBC is supported for backward compatibility, AES (128, 192, 256) is strongly recommended for new applications due to its enhanced security and efficiency.
Copyright © 2009–2025. All rights reserved.