NAME

       opendkim-genzone - DKIM public key zone file generation tool

SYNOPSIS

       opendkim-genzone  [-C  address]  [-d  domain]  [-D] [-E secs] [-N ns[,...]]  [-o file] [-r
       secs] [-R secs] [-S] [-t secs] [-T secs] [-u] [-v] [-x conffile] [dataset]

DESCRIPTION

       opendkim-genzone generates a file suitable for use with  named(8)  to  publish  a  set  of
       public keys.

       The  dataset  parameter  should  specify a set of data as described in the opendkim(8) man
       page.  It can currently refer to flat files, Sleepycat databases,  comma-separated  lists,
       LDAP  directories  or  SQL  databases.  The dataset may be omitted if a configuration file
       (via the -x command line flag) is specified referring to a configuration file that sets  a
       KeyTable parameter, in which case that value will be used.

       The  database  contents  should  be  formatted  as  described  for the KeyTable parameter,
       described in the opendkim.conf(5) man page.

OPTIONS

       -C contact
              Uses contact as the contact information to be used when an SOA record is  generated
              (see  -S  below).  If not specified, the userid of the executing user and the local
              hostname will be used; if the executing user can't be determined, "hostmaster" will
              be used.

       -d domain
              Restricts  output  to  those  records  for  which the domain field is the specified
              domain.

       -D     Adds a "._domainkey" suffix to selector names in the zone file.

       -E secs
              When generating an SOA record (see -S  below),  use  secs  as  the  default  record
              expiration time.  The default is 604800.

       -N nslist
              Specifies a comma-separated list of nameservers, which will be output in NS records
              before the TXT records.  The first nameserver in this list will also be used in the
              SOA record (if -S is also specified) as the authority hostname.

       -o file
              Sends output to the named file rather than standard output.

       -r secs
              When  generating  an  SOA record (see -S below), use secs as the zone refresh time.
              The default is 10800.

       -R secs
              When generating an SOA record (see -S below), use secs as the zone retry time.  The
              default is 1800.

       -S     Asks  for  an  SOA record to be generated at the top of the output.  The content of
              this output can be controlled using the -E, -r, -R, -T options.  The serial  number
              will be generated based on the current time of day.

       -t ttl Puts  a  TTL  (time-to-live)  value of ttl on all records output.  The units are in
              seconds.

       -T secs
              When generating an SOA record (see -S below), use secs as the  default  record  TTL
              time.  The default is 86400.

       -u     Produce output suitable for use as input to nsupdate(8).

       -v     Increases the verbosity of debugging output written to standard error.

       -x conffile
              Names an opendkim.conf(5) file to be read for LDAP-specific parameters when an LDAP
              dataset is given on the command line.  Not required for other dataset  types.   The
              default is /etc/opendkim.conf.

VERSION

       This  man  page  covers the version of opendkim-genzone that shipped with version 2.9.1 of
       OpenDKIM.

COPYRIGHT

       Copyright (c) 2010, 2012, The Trusted Domain Project.  All rights reserved.

SEE ALSO

       nsupdate(8), opendkim(8), opendkim.conf(5)

                                    The Trusted Domain Project                opendkim-genzone(8)