1opendkim-genzone(8) System Manager's Manual opendkim-genzone(8)
2
3
4
6 opendkim-genzone - DKIM public key zone file generation tool
7
9 opendkim-genzone [-C address] [-d domain] [-D] [-E secs] [-N ns[,...]]
10 [-o file] [-r secs] [-R secs] [-S] [-t secs] [-T secs] [-v] [-x conf‐
11 file] [dataset]
12
14 opendkim-genzone generates a file suitable for use with named(8) to
15 publish a set of public keys.
16
17 The dataset parameter should specify a set of data as described in the
18 opendkim(8) man page. It can currently refer to flat files, Sleepycat
19 databases, comma-separated lists, LDAP directories or SQL databases.
20 The dataset may be omitted if a configuration file (via the -x command
21 line flag) is specified referring to a configuration file that sets a
22 KeyTable parameter, in which case that value will be used.
23
24 The database contents should be formatted as described for the KeyTable
25 parameter, described in the opendkim.conf(5) man page.
26
28 -C contact
29 Uses contact as the contact information to be used when an SOA
30 record is generated (see -S below). If not specified, the
31 userid of the executing user and the local hostname will be
32 used; if the executing user can't be determined, "hostmaster"
33 will be used.
34
35 -d domain
36 Restricts output to those records for which the domain field is
37 the specified domain.
38
39 -D Adds a "._domainkey" suffix to selector names in the zone file.
40
41 -E secs
42 When generating an SOA record (see -S below), use secs as the
43 default record expiration time. The default is 604800.
44
45 -N nslist
46 Specifies a comma-separated list of nameservers, which will be
47 output in NS records before the TXT records. The first name‐
48 server in this list will also be used in the SOA record (if -S
49 is also specified) as the authority hostname.
50
51 -o file
52 Sends output to the named file rather than standard output.
53
54 -r secs
55 When generating an SOA record (see -S below), use secs as the
56 zone refresh time. The default is 10800.
57
58 -R secs
59 When generating an SOA record (see -S below), use secs as the
60 zone retry time. The default is 1800.
61
62 -S Asks for an SOA record to be generated at the top of the output.
63 The content of this output can be controlled using the -E, -r,
64 -R, -T options. The serial number will be generated based on
65 the current time of day.
66
67 -t ttl Puts a TTL (time-to-live) value of ttl on all records output.
68 The units are in seconds.
69
70 -T secs
71 When generating an SOA record (see -S below), use secs as the
72 default record TTL time. The default is 86400.
73
74 -v Increases the verbosity of debugging output written to standard
75 error.
76
77 -x conffile
78 Names an opendkim.conf(5) file to be read for LDAP-specific
79 parameters when an LDAP dataset is given on the command line.
80 Not required for other dataset types. The default is
81 /etc/opendkim.conf.
82
84 This man page covers the version of opendkim-genzone that shipped with
85 version 2.4.2 of OpenDKIM.
86
88 Copyright (c) 2010, The OpenDKIM Project. All rights reserved.
89
91 opendkim(8), opendkim.conf(5)
92
93
94
95 The OpenDKIM Project opendkim-genzone(8)