opendkim-genzone(8)(The Trusted Domain Project)opendkim-genzone(8)

     NAME
          opendkim-genzone - DKIM public key zone file generation tool

     SYNOPSIS
          opendkim-genzone [-C address] [-d domain] [-D] [-M] [-E
          secs] [-F] [-N ns[,...]]  [-o file] [-r secs] [-R secs] [-s]
          [-S] [-t secs] [-T secs] [-u] [-v] [-x conffile] [dataset]

     DESCRIPTION
          opendkim-genzone generates a file suitable for use with
          named(8) to publish a set of public keys.

          The dataset parameter should specify a set of data as
          described in the opendkim(8) man page.  It can currently
          refer to flat files, Sleepycat databases, comma-separated
          lists, LDAP directories or SQL databases.  The dataset may
          be omitted if a configuration file (via the -x command line
          flag) is specified referring to a configuration file that
          sets a KeyTable parameter, in which case that value will be
          used.

          The database contents should be formatted as described for
          the KeyTable parameter, described in the opendkim.conf(5)
          man page.

     OPTIONS
          -C contact
               Uses contact as the contact information to be used when
               an SOA record is generated (see -S below).  If not
               specified, the userid of the executing user and the
               local hostname will be used; if the executing user
               can't be determined, "hostmaster" will be used.

          -d domain
               Restricts output to those records for which the domain
               field is the specified domain.

          -D   Adds a "._domainkey" suffix to selector names in the
               zone file.

          -M   Restricts the keys for use in e-mail signing only.  The
               default is to allow the keys to be used for any ser-
               vice.

          -E secs
               When generating an SOA record (see -S below), use secs
               as the default record expiration time.  The default is
               604800.

          -F   Adds a "._domainkey" suffix and the domainname to

     Page 1                       Plan 9             (printed 5/23/22)

     opendkim-genzone(8)(The Trusted Domain Project)opendkim-genzone(8)

               selector names in the zone file.

          -N nslist
               Specifies a comma-separated list of nameservers, which
               will be output in NS records before the TXT records.
               The first nameserver in this list will also be used in
               the SOA record (if -S is also specified) as the author-
               ity hostname.

          -o file
               Sends output to the named file rather than standard
               output.

          -r secs
               When generating an SOA record (see -S below), use secs
               as the zone refresh time.  The default is 10800.

          -R secs
               When generating an SOA record (see -S below), use secs
               as the zone retry time.  The default is 1800.

          -s   Extends the logic of "-d" to include subdomains.

          -S   Asks for an SOA record to be generated at the top of
               the output.  The content of this output can be con-
               trolled using the -E, -r, -R, -T options.  The serial
               number will be generated based on the current time of
               day.

          -t ttl
               Puts a TTL (time-to-live) value of ttl on all records
               output.  The units are in seconds.

          -T secs
               When generating an SOA record (see -S below), use secs
               as the default record TTL time.  The default is 86400.

          -u   Produce output suitable for use as input to
               nsupdate(8).

          -v   Increases the verbosity of debugging output written to
               standard error.

          -x conffile
               Names an opendkim.conf(5) file to be read for LDAP-
               specific parameters when an LDAP dataset is given on
               the command line.  Not required for other dataset
               types.  The default is /etc/opendkim.conf.

     VERSION
          This man page covers the version of opendkim-genzone that
          shipped with version 2.11.0 of OpenDKIM.

     Page 2                       Plan 9             (printed 5/23/22)

     opendkim-genzone(8)(The Trusted Domain Project)opendkim-genzone(8)

     COPYRIGHT
          Copyright (c) 2010, 2012, 2014, 2015, The Trusted Domain
          Project.  All rights reserved.

     SEE ALSO
          nsupdate(8), opendkim(8), opendkim.conf(5)

     Page 3                       Plan 9             (printed 5/23/22)