opendkim-genkey(8)

1opendkim-genkey(8)          System Manager's Manual         opendkim-genkey(8)
2
3
4

NAME

6       opendkim-genkey - DKIM filter key generation tool
7

SYNOPSIS

9       opendkim-genkey [options]
10

DESCRIPTION

12       opendkim-genkey  [22mgenerates (1) a private key for signing messages using
13       opendkim(8) and (2) a DNS TXT record suitable for inclusion in  a  zone
14       file  which  publishes  the  matching public key for use by remote DKIM
15       verifiers.
16
17       The filenames of these are based on the selector (see below); the  pri‐
18       vate  key will have a suffix of ".private" and the TXT record will have
19       a suffix of ".txt".
20

OPTIONS

22       -b bits
23              Specifies the size of the key, in bits, to  be  generated.   The
24              default is 1024 which is the value recommended by the DKIM spec‐
25              ification.
26
27
28       -d domain
29              Names the domain which will use this key for signing.  Currently
30              only  used  in a comment in the TXT record file.  The default is
31              "example.com".
32
33
34       -D directory
35              Instructs the tool to change to the  named  directory  prior  to
36              creating files.  By default the current directory is used.
37
38
39       -f user
40              Defines  the  user  part  of the email address user@domain which
41              will received ARF (draft-ietf-marf-base) feedback reports  if  a
42              DKIM  signature fails as part of draft-ietf-marf-dkim-reporting.
43              By default this is set to postmaster.
44
45
46       -ff format
47              Defines the feedback format  of  draft-ietf-marf-dkim-reporting.
48              Options are arf and smtp.  By default the arf format is used.
49
50
51       -fi interval
52              Defines  the number that specifies the interval in which no more
53              that one report should be sent. By default interval equates to 0
54              requesting all reports.
55
56
57       -g granularity
58              Defines  the  key  granularity, i.e. the user(s) who may use the
59              key.  The default is "*" meaning any user can use the key.
60
61
62       -h algorithms
63              Specifies a list of hash algorithms which can be used with  this
64              key.  By default all hash algorithms are allowed.
65
66
67       -n note
68              Includes  arbitrary note text in the key record.  By default, no
69              such text is included.
70
71
72       -r     Restricts the key for use in e-mail signing only.   The  default
73              is to allow the key to be used for any service.
74
75
76       -s selector
77              Specifies the selector, or name, of the key pair generated.  The
78              default is "default".
79
80
81       -S     Disallows subdomain signing by this key.   By  default  the  key
82              record  will be generated such that verifiers are told subdomain
83              signing is permitted.
84
85
86       -t     Indicates the generated key record should be  tagged  such  that
87              verifiers are aware DKIM is in test at the signing domain.
88

NOTES

90       Requires  that  the openssl(8) binary be installed and in the executing
91       shell's search path.
92

VERSION

94       This man page covers the version of opendkim-genkey that  shipped  with
95       version 2.4.2 of OpenDKIM.
96

COPYRIGHT

98       Copyright  (c) 2007, 2008 Sendmail, Inc. and its suppliers.  All rights
99       reserved.
100
101       Copyright (c) 2009, The OpenDKIM Project.  All rights reserved.
102