opendkim-atpszone(8)(The Trusted Domain Project<)a href="../8/opendkim-atpszone">opendkim-atpszone(8)

     NAME
          opendkim-atpszone - DKIM ATPS zone file generation tool

     SYNOPSIS
          opendkim-atpszone [-A] [-C address] [-E secs] [-h hash] [-N
          ns[,...]]  [-o file] [-r secs] [-R secs] [-S] [-t secs] [-T
          secs] [-u domain] [-v] [dataset]

     DESCRIPTION
          opendkim-atpszone generates a file suitable for use with
          named(8) to publish a set of domains authorized as third-
          party signers for a local domain.

          The dataset parameter should specify a set of data as
          described in the opendkim(8) man page.  It can currently
          refer to flat files, Sleepycat databases, comma-separated
          lists, LDAP directories or SQL databases.  The keys in the
          named database are assumed to comprise a set of domains that
          are to be advertised using the experimental Authorized
          Third-Party Signers protocol as permitted to sign mail using
          DKIM on behalf of the local domain.  Values in the database
          are not used.

     OPTIONS
          -A   Adds a "._atps" suffix to records in the zone file.

          -C contact
               Uses contact as the contact information to be used when
               an SOA record is generated (see -S below).  If not
               specified, the userid of the executing user and the
               local hostname will be used; if the executing user
               can't be determined, "hostmaster" will be used.

          -E secs
               When generating an SOA record (see -S below), use secs
               as the default record expiration time.  The default is
               604800.

          -h hash
               Specifies which SHA hash algorithm to use.  Must be one
               of "none", "sha1" and "sha256", with "sha256" being the
               default if it is available.

          -N nslist
               Specifies a comma-separated list of nameservers, which
               will be output in NS records before the TXT records.
               The first nameserver in this list will also be used in
               the SOA record (if -S is also specified) as the author-
               ity hostname.

     Page 1                       Plan 9             (printed 5/24/22)

     opendkim-atpszone(8)(The Trusted Domain Project<)a href="../8/opendkim-atpszone">opendkim-atpszone(8)

          -o file
               Sends output to the named file rather than standard
               output.

          -r secs
               When generating an SOA record (see -S below), use secs
               as the zone refresh time.  The default is 10800.

          -R secs
               When generating an SOA record (see -S below), use secs
               as the zone retry time.  The default is 1800.

          -S   Asks for an SOA record to be generated at the top of
               the output.  The content of this output can be con-
               trolled using the -E, -r, -R, -T options.  The serial
               number will be generated based on the current time of
               day.

          -t ttl
               Puts a TTL (time-to-live) value of ttl on all records
               output.  The units are in seconds.

          -T secs
               When generating an SOA record (see -S below), use secs
               as the default record TTL time.  The default is 86400.

          -u domain
               Produce output suitable for use as input to nsupdate(8)
               to add ATPS records to the named domain.

          -v   Increases the verbosity of debugging output written to
               standard error.

     VERSION
          This man page covers the version of opendkim-atpszone that
          shipped with version 2.11.0 of OpenDKIM.

     COPYRIGHT
          Copyright (c) 2011, 2012, The Trusted Domain Project.  All
          rights reserved.

     SEE ALSO
          nsupdate(8), opendkim(8), opendkim.conf(5)

     Page 2                       Plan 9             (printed 5/24/22)