Earlier this month, Mary covered the WikiLeaks emails that showed then-CNN contributor, now DNC Chair, Donna Brazile forwarded Team Hillary a question ahead of the second presidential debate.  Not only did the DNC not learn anything from the ouster of Debbie Wasserman Schultz, but now, a tech blogger finds proof that the WikiLeaks emails concerning Brazile are not “doctored” as she claimed.

Fox News reports:

After Democratic Party boss Donna Brazile claimed emails showing her apparently tipping off Hillary Clinton to questions at a March town hall were “doctored,” tech sleuths got to work — and now say they’ve found proof the emails are authentic.

Fox News’ Megyn Kelly questioned Brazile last week about an email that surfaced in hacked messages from Campaign Chairman John Podesta’s account. The email, posted by WikiLeaks and attributed to Brazile, passed on a question to campaign adviser Jennifer Palmieri about the death penalty, under the subject line: “From time to time I get questions in advance.”

The exchange came right before a March town hall hosted by CNN and TV One, where a similar question was asked. Yet Brazile denied receiving questions from CNN.

“I have seen so many doctored emails. I have seen things that come from me at 2 in the morning that I don’t even send,” she said, adding, “I will not sit here and be persecuted, because your information is totally false.”

No one was buying that, so techies decided to look into the emails using a verification program commonly used by email servers to verify emails and sort spam.

Fox News continues:

However, tech blog Errata Security quickly found the email in question could be verified using an everyday verification program.

DomainKeys Identified Mail (DKIM) is a system employed by many email servers, including HillaryClinton.com, to verify emails to recipients and avoid spam filters. The system sends a DKIM “key” to the receiver to verify the sender and confirm the email hasn’t been tampered with.

Consequently, bloggers ran the DKIM keys included in this and other emails through verification software, which in turn validated the Palmieri email as both real and undoctored. The Daily Caller also ran a similar test and got the same result.

In a blog post for Errata Security, cybersecurity expert Robert Graham presented his results, and showed that if the emails had been altered in any way, the software would have declared the email unverified.

“It took less than five minutes,” Graham told FoxNews.com, noting that such software is common and widely available. “It took me longer to document what I had found.”

But could WikiLeaks have hacked and altered the DKIM key also?

Graham says this is unlikely, since to do so they would have needed to access the HillaryClinton.com server.

Graham writes on his blog, Errata Security,

When an email server sends a message, it’ll include an invisible “header”. They aren’t especially hidden, most email programs allow you to view them, it’s just that they are boring, so hidden by default. The DKIM header in this email looks like:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

        d=hillaryclinton.com; s=google;
        h=from:mime-version:references:in-reply-to:date:message-id:subject:to
         :cc;
        bh=EHIyNFKU1g6KhzxpAJQtxaW82g5+cTT3qlzIbUpGoRY=;
        b=JgW85tkuhlDcythkyCrUMjPIAjHbUVPtgyqu+KpUR/kqQjE8+W23zacIh0DtVTqUGD
         mzaviTrNmI8Ds2aUlzEFjxhJHtgKT4zbRiqDZS7fgba8ifMKCyDgApGNfenmQz+81+hN
         2OHb/pLmmop+lIeM8ELXHhhr0m/Sd4c/3BOy8=

How do you verify this is true. There are a zillion ways with various “DKIM verifiers”.

. . . . Downloading the raw email from WikiLeaks and opening in Thunderbird [the DKIM verifier he prefers], with the addon, I get the following verification that the email is valid. Specifically, it validates that the HillaryClinton.com sent precisely this content, with this subject, on that date.

http://blog.erratasec.com/2016/10/yes-we-can-validate-wikileaks-emails.html#.WA4khPkrLAW<

To demonstrate how the DKIM verifier works, Graham added “Make America Great Again” (heh) to the email and received an “invalid” response.

http://blog.erratasec.com/2016/10/yes-we-can-validate-wikileaks-emails.html#.WA4khPkrLAW

In an update to his post, Graham notes that Hillary’s server is likely to change its DKIM key, so he copied the current one to his post.

Fox News continues:

Graham is so confident in his finding that he has posted a $600 BitCoin challenge to anyone who can alter an email and have it still come up as verified when run through DKIM software.

“If somebody tells you this blogpost is invalid, then tell them they can earn about $600 (current value of BTC) proving it. Otherwise, no,” he says.

Clinton running mate Tim Kaine has also suggested the WikiLeaks emails could be doctored, but so far neither the campaign nor the DNC has presented evidence to support this claim.