Validating Wikileaks Emails [Just The Facts]

This is Naked Capitalism fundraising week. 1288 donors have already invested in our efforts to combat corruption and predatory conduct, particularly in financial realm. Please join us and participate via our Tip Jar, which shows how to give via check, credit card, debit card, or PayPal. Read about why we’re doing this fundraiser, what we’ve accomplished in the last year, and our fifth goal, more original reporting.

By Patrick Durusau. Originally published at Another Word For It

factual basis for reporting on alleged “doctored” or “falsified” emails from Wikileaks has emerged.

Now to see if the organizations and individuals responsible for repeating those allegations, some 260,000 times, will put their doubts to the test.

You know where my money is riding.

If you want to verify the Podesta emails or other email leaks from Wikileaks, consult the following resources.

Yes, we can validate the Wikileaks emails by Robert Graham.

From the post:

Recently, WikiLeaks has released emails from Democrats. Many have repeatedly claimed that some of these emails are fake or have been modified, that there’s no way to validate each and every one of them as being true. Actually, there is, using a mechanism called DKIM.

DKIM is a system designed to stop spam. It works by verifying the sender of the email. Moreover, as a side effect, it verifies that the email has not been altered.

Hillary’s team uses “”, which as DKIM enabled. Thus, we can verify whether some of these emails are true.

Recently, in response to a leaked email suggesting Donna Brazile gave Hillary’s team early access to debate questions, she defended herself by suggesting the email had been “doctored” or “falsified”. That’s not true. We can use DKIM to verify it.

Bob walks you through validating a raw email from Wikileaks with the DKIM verifier plugin for Thunderbird. And demonstrating the same process can detect “doctored” or “falsified” emails.

Bob concludes:

I was just listening to ABC News about this story. It repeated Democrat talking points that the WikiLeaks emails weren’t validated. That’s a lie. This email in particular has been validated. I just did it, and shown you how you can validate it, too.

Btw, if you can forge an email that validates correctly as I’ve shown, I’ll give you 1-bitcoin. It’s the easiest way of solving arguments whether this really validates the email — if somebody tells you this blogpost is invalid, then tell them they can earn about $600 (current value of BTC) proving it. Otherwise, no.

BTW, Bob also points to:

Here’s Cryptographic Proof That Donna Brazile Is Wrong, WikiLeaks Emails Are Real by Luke Rosiak, which includes this Python code to verify the emails:




Verifying Wikileaks DKIM-Signatures by teknotus, offers this manual approach for testing the signatures:


But those are all one-off methods and there are thousands of emails.


But the post by teknotus goes on:

Preliminary results

I only got signature validation on some of the emails I tested initially but this doesn’t necessarily invalidate them as invisible changes to make them display correctly on different machines done automatically by browsers could be enough to break the signatures. Not all messages are signed. Etc. Many of the messages that failed were stuff like advertising where nobody would have incentive to break the signatures, so I think I can safely assume my test isn’t perfect. I decided at this point to try to validate as many messages as I could so that people researching these emails have any reference point to start from. Rather than download messages from wikileaks one at a time I found someone had already done that for the Podesta emails, and uploaded zip files to

Emails 1-4160
Emails 4161-5360
Emails 5361-7241
Emails 7242-9077
Emails 9078-11107

It only took me about 5 minutes to download all of them. Writing a script to test all of them was pretty straightforward. The program dkimverify just calls a python function to test a message. The tricky part is providing context, and making the results easy to search.

Automated testing of thousands of messages

It’s up on Github

It’s main output is a spreadsheet with test results, and some metadata from the message being tested. Results Spreadsheet 1.5 Megs

It has some significant bugs at the moment. For example Unicode isn’t properly converted, and spreadsheet programs think the Unicode bits are formulas. I also had to trap a bunch of exceptions to keep the program from crashing.

Warning: I have difficulty opening the verify.xlsx file. In Calc, Excel and in a CSV converter. Teknotus reports it opens in LibreOffice Calc, which just failed to install on an older Ubuntu distribution. Sing out if you can successfully open the file.

Journalists: Are you going to validate Podesta emails that you cite? Or that others claim are false/modified?

Print Friendly, PDF & Email


      1. hunkerdown

        Loads fine in LO 4, but in LO 5 I get a “File is corrupt and cannot be opened” on LibreOffice; repair attempts fail. The xlsx file was generated programmatically, with a Python toolkit called openpyxl, which apparently does not produce files quite compliant with the OOXML standard.

        But this is impressive verification work. No wonder the national security state wants crypto out of the hands of the people tout-suite.

        1. temporal

          I’m pretty sure that the kind of cryptography used to validate email contents and sources is a godsend to would be prosecutors and law enforcement types. Given that encrypted pipes like ssh and https depend upon SSL and the favored implementation of OpenSSL is run by an ex-CIA guy, they may not care a lot about about that either. Even after the heartbeat exploit was finally removed from the code.

          The kind government types really seem to hate is strongly encrypted files including email contents.

  1. Whine Country

    Assuming everything that comes out of the Clinton camp is a lie, works fine for me and I recommend it to anyone not willing or able to waste time verifying that they are all a bunch of liars.

    1. Ivy

      Waiting with rapt attention the investigative journalism pieces on the email matters, but not holding my breath. Perhaps email shaming should be added to the contemporary lexicon, if only to be like LBJ just to hear them deny the accusations?

  2. susan the other

    It was painful watching Donna Brazile get caught in Megan Kelly’s cross examination. She (Donna) was loyal to a fault, making herself look like an idiot, a very sad idiot, when she claimed the emails had been doctored.

    1. Steve H.

      Brazile kept calling her ‘Kelly’ while talking about how well she prepared for these interviews. Until Megyn corrected her.

      I find myself focusing on how strong Megyn Kelly is rather than another hack throwing their career into Clintons sacrificial volcano. Honorary ‘Ripley’ Award!

      1. PapaBear

        For the life of me I can’t understand why so many people do lay down their reputations for the Clinton cause?

        1. redleg

          Why did people drink the Kool-Aid at Jonestown?
          I don’t think that Clinton Cronies expect a heavenly reward (although I find Clinton too close to Caligula for comfort), perhaps they are die hard loyal because staying out of jail depends entirely on Clinton winning.

    2. notlurking

      When someone claims I’m a christian blah blah blah……run for cover…..its bs time…….lol

  3. Paid Minion

    My favorite comment over the weekend was “We will not comment about stolen e-mails”.

    To me, that pretty much confirms that they are not faked.

    From the beginning, they have been trying to shift the discussion to “stolen property”, and have gone out of their way with the Lawyerese to imply they are faked/doctored. Without actually saying so for the most part.

    Probably because they know they are real, and that any lying, unambiguous denial will lead to even more document releases that prove they are liars.

    Eventually, like the “Is-Is” argument, we will eventually be involved on what the definition of “liar” is.

  4. tiger

    The media needs to be informed about this on Twitter or otherwise in a public way, by a serious person or people, so that from now on they will have to call out any more of this “Russia doctored” story. To me this story is the biggest threat to a government “for the people by the people” that I’ve ever seen in my lifetime. It’s a story that makes me that much more disgusted with any 1 vote for Hillary.

    1. Howard Richardson

      Could this doctored e mail issue be one more “Tonkin Gulf ” type event leading us to…..?

    2. Lambert Strether

      One very good thing NC readers could do is tweet this link out to the better sort of journalist and/or blogger. David Sirota comes to mind. Even Politico on a good day. Also Slashdot and other technical venues.

  5. Howard Richardson

    Could this doctored e mail issue be one more “Tonkin Gulf ” type event leading us to…..?

  6. dk

    What a precedent! How often are we dependent on the integrity (and intelligence, and expertise) of journalists, providing information that may not be easy for readers to verify?

    Yet here, everyone can examine and perform verification of the materials, independent even of journalists writing about them.

    Here’s a little thing on what kind of security issues DKIM can and can’t be used to mitigate:

Comments are closed.