opendkim.conf(5)

1opendkim.conf(5)              File Formats Manual             opendkim.conf(5)
2
3
4

NAME

6       opendkim.conf - Configuration file for opendkim
7
8

LOCATION

10       /etc/opendkim.conf
11
12

DESCRIPTION

14       opendkim(8) implements the DKIM specification for signing and verifying
15       e-mail messages on a per-domain basis.  This file is its  configuration
16       file.
17
18       Blank  lines  are ignored.  Lines containing a hash ("#") character are
19       truncated at the hash character to allow for comments in the file.
20
21       Other content should be the name of  a  parameter,  followed  by  white
22       space,  followed  by  the  value  of that parameter, each on a separate
23       line.
24
25       For parameters that are Boolean in nature, only the first byte  of  the
26       value  is  processed.  For positive values, the following are accepted:
27       "T", "t", "Y", "y",  "1".   For  negative  values,  the  following  are
28       accepted: "F", "f", "N", "n", "0".
29
30       Many,  but  not  all, of these parameters are also available as command
31       line options to opendkim(8).  However, new parameters are generally not
32       added  as command line options so the complete set of options is avail‐
33       able here, and thus use of the configuration file  is  encouraged.   In
34       some  future  release,  the  set  of  available command line options is
35       likely to get trimmed.
36
37       See the opendkim(8) man page for details about how and when the config‐
38       uration file contents are reloaded.
39
40       Some of these parameters are listed as having a type of "dataset".  See
41       the opendkim(8) man page for a description of such parameters.
42
43       Unless otherwise stated, Boolean values  default  to  "false",  integer
44       values  default  to  0,  and string and dataset values default to being
45       undefined.
46
47

PARAMETERS

49       AllowSHA1Only (Boolean)
50              Permit verify mode when only SHA1 support is available.  RFC6376
51              requires  that verifiers implement both SHA1 and SHA256 support.
52              Setting this feature changes the absence of SHA256 support  from
53              an error to a warning.
54
55
56       AlwaysAddARHeader (Boolean)
57              Add  an  "Authentication-Results:" header field even to unsigned
58              messages from domains with no "signs all" policy.  The  reported
59              DKIM  result  will  be  "none" in such cases.  Normally unsigned
60              mail from non-strict domains does not cause the  results  header
61              field to be added.
62
63
64       AuthservID (string)
65              Sets  the  "authserv-id"  to use when generating the Authentica‐
66              tion-Results: header  field  after  verifying  a  message.   The
67              default  is  to  use the name of the MTA processing the message.
68              If the string "HOSTNAME" is provided, the name of the host  run‐
69              ning  the  filter  (as  retur