Provided by: dkimproxy_1.4.1-3_all bug

NAME

       dkimproxy.in - SMTP proxy for verifying DKIM signatures

DESCRIPTION

       dkimproxy.in  listens  on the IP address and TCP port specified by its first argument (the
       "listen" port), and sends the traffic it receives onto the second  argument  (the  "relay"
       port),  with messages getting verified and having an "Authentication-Results" header added
       to them.

SYNOPSIS

         dkimproxy.in [options] LISTENADDR:PORT RELAYADDR:PORT
           smtp options:
             --conf_file=FILENAME
             --listen=LISTENADDR:PORT
             --relay=RELAYADDR:PORT
             --reject-error

           verification options:
             --reject-fail
             --hostname=HOSTNAME

           daemon options:
             --daemonize
             --user=USER
             --group=GROUP
             --pidfile=PIDFILE
             --min_servers=NUM

OPTIONS

       --daemonize

       If specified, the server will run in the background.

       --group=GROUP

       If specified, the daemonized process will setgid() to the specified GROUP.

       --hostname=HOSTNAME

       Overrides the hostname used in the Authentication-Results header.  This header gets  added
       to  every  verified  message.   Use  this option if the hostname that appears is not fully
       qualified or you want to use an alternate name.

       --pidfile=PIDFILE

       Creates a PID file (a file containing the PID of the process) for the daemonized  process.
       This makes it possible to check the status of the process, and to cleanly shut it down.

       --reject-error

       This  option  specifies what to do if an error occurs during verification of a message. If
       this option is specified, the message will be rejected with an SMTP error code. This  will
       result  in the MTA sending the message to try again later, or bounce it back to the sender
       (depending on the exact error code used). If this option is  not  specified,  the  message
       will  be  passed through with an error listed in the Authentication-Results header instead
       of the verification results.

       --reject-fail

       This option specifies what to do if verification fails and the sender signing policy  says
       to  reject  the message. If this option is specified, the message will be rejected with an
       SMTP error code.  This will result in the sending MTA to bounce the message  back  to  the
       sender. If this option is not specified, the message will pass through as normal.

       --user=USER

       If  specified, the daemonized process will setuid() to USER after completing any necessary
       privileged operations, but before accepting connections.

       --min_servers=NUM

       Number of process that DKIMproxy shall spawn and get ready for filtering.

EXAMPLE

       For example, if dkimproxy.in is started with:

         dkimproxy.in --reject-fail --reject-error 127.0.0.1:10025 127.0.0.1:10026

       the proxy will listen on port 10025 and send the verified  messages  to  some  other  SMTP
       service on port 10026.

CONFIGURATION FILE

       Parameters  can be stored in a separate file instead of specifying them all on the command
       line. Use the conf_file option to specify the path to the configuration file, e.g.

         dkimproxy.in --conf_file=/etc/dkimproxy_in.conf

       The format of the configuration file is one option per line: name of  the  option,  space,
       then the value of the option. E.g.

         # this is an example config file
         listen      127.0.0.1:10025
         relay       127.0.0.1:10026
         hostname    myhost.example.com
         reject_fail

       is equivalent to

         dkimproxy.out                 --hostname=myhost.example.com                --reject-fail
       127.0.0.1:10025 127.0.0.1:10026

SEE ALSO

       dkimproxy.out(8), dkim_responder(1), dkimsign(1),  dkimverify(1)

                                                                                  dkimproxy.in(8)