DKIM glossary

What are the b= and bh= tags in a DKIM signature?

Samuel Chenard

By Samuel Chenard · CEO & Co-Founder, Palisade · Reviewed July 15, 2026

In a DKIM-Signature, bh= is the hash of the canonicalized message body, and b= is the cryptographic signature over the selected headers (which include bh=). So tampering with the body breaks bh, and tampering with the headers breaks b. The infamous 'body hash did not verify' error points straight at bh.

b= / bh= at a glance
Tagb (signature) and bh (body hash)
Valid valuesBase64 values — bh= is the body hash, b= is the header signature
DefaultBoth are required; a DKIM-Signature is incomplete without them.
Where it goesIn the DKIM-Signature header; b= is conventionally last.

How b= / bh= works

A DKIM signature has two hashes doing two jobs. bh= is the hash of the canonicalized message body. b= is the cryptographic signature over the signed headers — the fields named in h=, plus the DKIM-Signature header itself, which contains bh= (with b= blanked during signing).

Because of that split, the two failure modes are distinct. Tamper with the body and bh no longer matches — the body hash fails. Tamper with a signed header and b no longer verifies — the header signature fails. The famous 'body hash did not verify' error means the body changed after signing, full stop.

In practice, body-hash failures almost always come from something rewriting the body in transit: a mailing list appending a footer, a security gateway adding a disclaimer, or an encoding change (for example, re-wrapping or re-encoding the text). The content still looks fine to a human, but the bytes changed, so bh breaks.

Correct record vs common mistake

Correct

DKIM-Signature: ...; bh=2jUSOH9NhtVGCQ...; b=AuUoFEfDxTDkHlLX...

bh= holds the body hash and b= holds the header signature. Body untouched and headers intact means both verify and DKIM passes.

Common mistake

DKIM-Signature: ...; bh=2jUSOH9NhtVGCQ...; b=AuUoFEfDxTDkHlLX...   [footer appended in transit]

A mailing list appended a footer, changing the body. bh no longer matches the delivered body, so verification fails with 'body hash did not verify'.

Troubleshooting b= / bh=

IssueLikely causeFix
'body hash did not verify'The body was modified after signing — often an appended footer or disclaimerStop the gateway or list from altering the body, or have it re-sign after modifying
Header signature (b=) failsA signed header was changed in transitSign only stable headers and use relaxed header canonicalization
DKIM fails only through a mailing listThe list appends footers or rewrites the subject after signingRely on the list's own DKIM/ARC, or exclude modified headers from h=

See this on your own domain

Enter your domain — the check runs instantly on the next page. Free, no signup.

Why it matters for MSPs

Client mail that flows through mailing lists, ticketing systems, or gateways that append disclaimers will hit body-hash failures — DKIM breaks even though the mail is genuine. Across tenants this masquerades as an authentication problem when it's really a mail-flow one, and it can stall a domain short of reject.

Trusted by MSPs

Their responsive support, agent task lists, white-label reporting, and centralized dashboard make managing our customer domains, effortless.
Bobby GhoshalBobby Ghoshal CEO, dupe.com
Partner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner LogoPartner Logo

Enforce it — don't just monitor it

Palisade reads whether DKIM is failing on the body hash versus the header signature straight from the reports, so a footer-appending gateway is diagnosed as mail flow — not treated as a reason to hold the domain back from reject.

Free 15-day trial · No credit card · Your own domain free forever (NFR)

Frequently asked questions

bh= is the hash of the message body; b= is the cryptographic signature over the signed headers, which include bh=. Body changes break bh; header changes break b.

The body changed after signing. Common culprits are mailing-list footers, gateway-appended disclaimers, and encoding or line-wrapping rewrites in transit — all of which alter the bytes the body hash was computed over.

Many lists append a footer or modify the subject, changing the message after it was signed. That breaks the body hash (and sometimes signed headers), so DKIM fails on the forwarded copy.

Yes. b= is the base64 signature over the selected headers. bh= is a separate body-hash tag that b= commits to, so together they protect both the headers and the body.

Related terms

What is DKIM? DomainKeys Identified Mail explained