PhoenixDKIM


This page documents PhoenixDKIM, a maintained fork of OpenDKIM. Options may differ from the original.

NAME

opendkim-testkey - DKIM filter installation test

SYNOPSIS

opendkim-testkey [-d domain] [-s selector] [-k keypath] [-v] [-x configfile]

DESCRIPTION

opendkim-testkey verifies the setup of signing and verifying (private and public) keys for use with opendkim(8).

The test program will read a domain name and selector from the command line, configuration file or a key table, then query and parse the resulting DKIM key(s), reporting any errors found.

If a key path is also provided, the test program will read the private key named and attempt to confirm that the private key specified by keypath (or in the key table) and the public DKIM key retrieved from DNS match.

OPTIONS

-d domain

Names the domain in which signing is to be done. More specifically, names the domain in which the public key matching the provided private key will be found. This parameter must be provided either explicitly, in the configuration file, or via a KeyTable (see opendkim.conf(5) for details).

-k keypath

Specifies the path to the private key file which should be used for this test. This parameter is optional.

-s selector

Names the selector within the specified domain whose public key should be retrieved and tested, comparing it to the private key if provided. This parameter must be provided either explicitly, in the configuration file, or via a KeyTable (see opendkim.conf(5) for details).

-v

Increases verbosity. May be specified multiple times.

-x conffile

Names a configuration file to be parsed. See opendkim.conf(5) for details. The values used are Domain, Selector, KeyFile, KeyTable, TrustAnchorFile and ResolverConfig. The default is /etc/opendkim/opendkim.conf.

NOTES

The test program will also complain if a private key file is readable by anyone other than the user executing the program.

Both RSA and Ed25519 private keys are supported.

VERSION

This man page covers the version of opendkim-testkey that shipped with version 3.0.0 of OpenDKIM.

COPYRIGHT

Copyright (c) 2007, 2008, Sendmail, Inc. and its suppliers.
Copyright (c) 2009-2015, The Trusted Domain Project.
Copyright (c) 2026, PhoenixDKIM contributors.
All rights reserved.

SEE ALSO

opendkim(8), opendkim-genkey(8), opendkim.conf(5)

RFC 6376 - DomainKeys Identified Mail

RFC 8463 - A New Cryptographic Signature Method for DomainKeys Identified Mail (Ed25519)


This document was created from the manual pages using groff.
Time: Fri May 29 17:43:59 2026