opendkim-testmsg man page

opendkim-testmsg — DKIM message tst


opendkim-testmsg [-C] [-d domain] [-K] [-k keypath] [-s selector] [-t path]


opendkim-testmsg signs or verifies an input message.  This is similar to the test mode for opendkim(8) except that it does not use the same configuration system or milter interface. Rather, it is a direct access to the DKIM library with those functions "out of the way".

The message is read from standard input.  In signing mode, the complete signed message will then be written to standard output.  When verifying, there will be no output unless an error occurred.

To sign a message, the -d, -k and -s settings in the Synopsis above must be provided.  If all of them are absent, the input message will be verified.  If some but not all are present, an error is returned.



If specified, the signature header field generated in signing mode will be line-terminated with carriage-return line-feed, instead of just line-feed.

-d domain

Names the domain in which signing is to be done.  More specifically, names the domain in which the public key matching the provided private key would be found in a live test.


Arranges to keep temporary files generated during message canonicalization for debugging purposes.

-k keypath

Specifies the path to the private key file which should be used to sign the input message.

-s selector

Names the selector within the specified domain that should be included in the signature.

-t path

Specifies the directory in which temporary files are to be created.  The default is /tmp.


This man page covers the version of opendkim-testmsg that shipped with version 2.11.0 of OpenDKIM.

See Also


RFC6376 - DomainKeys Identified Mail


The Trusted Domain Project