Home

dkim-genkey (8)

dkim-genkey(8) dkim-genkey(8) NAME dkim-genkey - DKIM filter key generation tool SYNOPSIS dkim-genkey [options] DESCRIPTION dkim-genkey generates (1) a private key for signing messages using dkim-filter(8) and (2) a DNS TXT record suitable for in- clusion in a zone file which publishes the matching public key for use by remote DKIM verifiers. The filenames of these are based on the selector (see be- low); the pri- vate key will have a suffix of ".private" and the TXT record will have a suffix of ".txt". OPTIONS -b bits Specifies the size of the key, in bits, to be generated. The default is 1024 which is the value recommended by the DKIM spec- ification. -d domain Names the domain which will use this key for sign- ing. Currently only used in a comment in the TXT record file. The default is "example.com". -D directory Instructs the tool to change to the named directory prior to creating files. By default the current directory is used. -g granularity Defines the key granularity, i.e. the user(s) who may use the key. The default is "*" meaning any user can use the key. -h algorithms Specifies a list of hash algorithms which can be used with this key. By default all hash algorithms are allowed. -n note Includes arbitrary note text in the key record. By default, no such text is included. -r Restricts the key for use in e-mail signing only. The default is to allow the key to be used for any service. -s selector Specifies the selector, or name, of the key pair generated. The default is "default". -S Disallows subdomain signing by this key. By de- fault the key record will be generated such that verifiers are told subdomain signing is permitted. -t Indicates the generated key record should be tagged such that verifiers are aware DKIM is in test at the signing domain. NOTES Requires that the openssl(8) binary be installed and in the executing shell's search path. VERSION This man page covers the version of dkim-genkey that shipped with ver- sion 2.7.0 of dkim-filter. COPYRIGHT Copyright (c) 2007, 2008 Sendmail, Inc. and its suppli- ers. All rights reserved. SEE ALSO dkim-filter(8), openssl(8) RFC4871 - DomainKeys Identified Mail Sendmail, Inc. dkim-genkey(8)