-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlibqdkim.man
79 lines (75 loc) · 2.44 KB
/
libqdkim.man
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
.TH libqdkim 8 "" openqmail
.SH NAME
libqdkim \- handles DKIM signatures from stdin
.SH SYNOPSIS
\fBlibqdkim\fR \fIoptions [tags] <infile> [<privkeyfile> <outfile>]\fR
\fIoptions\fR is a series of getopt-style options to handle the behavior of
\fBlibqdkim\fR. \fItags\fR is a series like \fIoptions\fR to specify values of
tags of a signature.
.SH DESCRIPTION
\fBlibqdkim\fR creates DKIM signatures and add them to email headers or verifies
DKIM signatures. Line endings have to be \fBCRLF\fR for verification.
.SH OPTIONS
.TP
-s
." \fIkey\fR
signs a message using \fIprivkeyfile\fR, which is a path to a file with a
private key (PEM format). The base name of the file is used as selector. Reads
the email message on stdin and prints the \fIDKIM-Signature\fR header.
.TP
-v
Verifies a message and prints the result. On failure it exits with a non-zero exit code and includes the code to the result.
.TP
-h
prints short help and exists
.SH TAGS
.TP
-l
include the body length tag, if not provided it will not be included
.TP
-q
include query method tag, if not provided it will not be included
.TP
-t
include a timestamp tag, if not provided it will not be included
." .TP
." -f
." issue error if not all message's From headers are in signature
." .TP
." -h
." include Copied Headers
." .TP
." -p \fIssp\fR | \fIadsp\fR
." 0 - disable practice (default), 1- SSP, or 2 - ADSP verification
.TP
-b<\fIstandard\fR>
standard is a numeric value (1=allman, 2=ietf or 3=both)
.TP
-c<\fIcanonicalization\fR>
canonicalization is one of r, s, t or u (r=relaxed [DEFAULT], s=simple, t=relaxed/simple, u=simple/relaxed)
-d \fIdomain\fR
the domain tag, if not provided, determined from the sender/from header
.TP
-i<\fIidentity\fR>
the identity (usually sender address), if not provided it will not be included
.TP
-x<\fIexpire_time\fR>
the expire time in seconds since epoch ( DEFAULT = current time + 604800). If set to - then it will not be included
.TP
-z<\fIhash\fR>
a numeric value to set the rsa key type (1=sha1, 2=sha256, 3=both)
.TP
-y<\fIselector\fR>
the selector tag (DEFAULT=default)
.SH EXAMPLES
To sign a message and assuming your domainkeys are in \fIQMAILHOME/etc/dkimkeys\fR do:
.EX
libqdkim -ydefault -d"example.com" -i"me@example.com" -l -b2 -ct -z2 \\
-s "$InMsg" QMAILHOME/etc/dkimkeys/example.org/default "$OutMsg" 2>/dev/null
.EE
To verify a message, where message is a DKIM signed email:
.EX
libqdkim -v <message>
.EE
.SH "SEE ALSO"
qmail-sdkim(8), qmail-vdkim(8)