DKIMPROXY.IN(1) User Contributed Perl Documentation DKIMPROXY.IN(1)NAME
dkimproxy.in - SMTP proxy for verifying DKIM signatures
SYNOPSIS
dkimproxy.in [options] LISTENADDR:PORT RELAYADDR:PORT
smtp options:
--conf_file=FILENAME
--listen=LISTENADDR:PORT
--relay=RELAYADDR:PORT
--reject-error
verification options:
--reject-fail
--hostname=HOSTNAME
daemon options:
--daemonize
--user=USER
--group=GROUP
--pidfile=PIDFILE
dkimproxy.in --help
to see a full description of the various options
OPTIONS--daemonize
If specified, the server will run in the background.
--group=GROUP
If specified, the daemonized process will setgid() to the specified
GROUP.
--hostname=HOSTNAME
Overrides the hostname used in the Authentication-Results header.
This header gets added to every verified message. Use this option
if the hostname that appears is not fully qualified or you want to
use an alternate name.
--pidfile=PIDFILE
Creates a PID file (a file containing the PID of the process) for
the daemonized process. This makes it possible to check the status
of the process, and to cleanly shut it down.
--reject-error
This option specifies what to do if an error occurs during
verification of a message. If this option is specified, the message
will be rejected with an SMTP error code. This will result in the
MTA sending the message to try again later, or bounce it back to
the sender (depending on the exact error code used). If this option
is not specified, the message will be passed through with an error
listed in the Authentication-Results header instead of the
verification results.
The most common cause of an error when verifying a message is a DNS
error when trying to retrieve a public key or sender policy.
--reject-fail
This option specifies what to do if verification fails and the
sender signing policy says to reject the message. If this option is
specified, the message will be rejected with an SMTP error code.
This will result in the sending MTA to bounce the message back to
the sender. If this option is not specified, the message will pass
through as normal.
--user=USER
If specified, the daemonized process will setuid() to USER after
completing any necessary privileged operations, but before
accepting connections.
DESCRIPTION
dkimproxy.in listens on the IP address and TCP port specified by its
first argument (the "listen" port), and sends the traffic it receives
onto the second argument (the "relay" port), with messages getting
verified and having an "Authentication-Results" header added to them.
EXAMPLE
For example, if dkimproxy.in is started with:
dkimproxy.in --reject-fail --reject-error 127.0.0.1:10025 127.0.0.1:10026
the proxy will listen on port 10025 and send the verified messages to
some other SMTP service on port 10026.
CONFIGURATION FILE
Parameters can be stored in a separate file instead of specifying them
all on the command-line. Use the conf_file option to specify the path
to the configuration file, e.g.
dkimproxy.in --conf_file=/etc/dkimproxy_in.conf
The format of the configuration file is one option per line: name of
the option, space, then the value of the option. E.g.
# this is an example config file
listen 127.0.0.1:10025
relay 127.0.0.1:10026
hostname myhost.example.com
reject_fail
is equivalent to
dkimproxy.out --hostname=myhost.example.com --reject-fail \
127.0.0.1:10025 127.0.0.1:10026
AUTHOR
Jason Long
perl v5.10.0 2010-10-25 DKIMPROXY.IN(1)
