NAME

       opendkim-atpszone - DKIM ATPS zone file generation tool

SYNOPSIS

       opendkim-atpszone [-A] [-C address] [-E secs] [-h hash] [-N ns[,...]]  [-o file] [-r secs] [-R secs] [-S]
       [-t secs] [-T secs] [-u domain] [-v] [dataset]

DESCRIPTION

       opendkim-atpszone generates a file suitable for use with named(8) to publish a set of domains  authorized
       as third-party signers for a local domain.

       The  dataset  parameter  should  specify  a set of data as described in the opendkim(8) man page.  It can
       currently refer to flat files, Sleepycat  databases,  comma-separated  lists,  LDAP  directories  or  SQL
       databases.   The  keys  in  the  named  database  are assumed to comprise a set of domains that are to be
       advertised using the experimental Authorized Third-Party Signers protocol as permitted to sign mail using
       DKIM on behalf of the local domain.  Values in the database are not used.

OPTIONS

       -A     Adds a "._atps" suffix to records in the zone file.

       -C contact
              Uses contact as the contact information to be used when an SOA record is generated (see -S below).
              If not specified, the userid of the executing user and the local hostname will  be  used;  if  the
              executing user can't be determined, "hostmaster" will be used.

       -E secs
              When generating an SOA record (see -S below), use secs as the default record expiration time.  The
              default is 604800.

       -h hash
              Specifies which SHA hash algorithm to use.  Must be one  of  "none",  "sha1"  and  "sha256",  with
              "sha256" being the default if it is available.

       -N nslist
              Specifies a comma-separated list of nameservers, which will be output in NS records before the TXT
              records.  The first nameserver in this list will also be used in the SOA record  (if  -S  is  also
              specified) as the authority hostname.

       -o file
              Sends output to the named file rather than standard output.

       -r secs
              When  generating  an SOA record (see -S below), use secs as the zone refresh time.  The default is
              10800.

       -R secs
              When generating an SOA record (see -S below), use secs as the zone retry  time.   The  default  is
              1800.

       -S     Asks  for  an SOA record to be generated at the top of the output.  The content of this output can
              be controlled using the -E, -r, -R, -T options.  The serial number will be generated based on  the
              current time of day.

       -t ttl Puts a TTL (time-to-live) value of ttl on all records output.  The units are in seconds.

       -T secs
              When  generating  an  SOA  record  (see  -S  below), use secs as the default record TTL time.  The
              default is 86400.

       -u domain
              Produce output suitable for use as input to nsupdate(8) to add ATPS records to the named domain.

       -v     Increases the verbosity of debugging output written to standard error.

VERSION

       This man page covers the version of opendkim-atpszone that shipped with version 2.11.0 of OpenDKIM.

COPYRIGHT

       Copyright (c) 2011, 2012, The Trusted Domain Project.  All rights reserved.

SEE ALSO

       nsupdate(8), opendkim(8), opendkim.conf(5)

                                           The Trusted Domain Project                       opendkim-atpszone(8)