Cisco Cisco Email Security Appliance C390 기술 참조

For enhanced security, if encryption of sensitive data in the appliance is enabled in FIPS mode, you will 
not be able view the private key. If you intend to edit the private key, you can enter an existing private 
key or generate a new private key.

The batch format of the 

domainkeysconfig

 command can be used to create, edit, or delete signing 

profiles 

Adding a DomainKeys/DKIM signing profile:

domainkeysconfig profiles signing new <name> <type> <domain> 

<selector> <user-list> [options]

Name of domain profile.

Type of domain.  Can be 

dk

 or 

dkim

.

Domain field of domain profile.  This forms the 

d

 tag 

of the Domain-Keys signature.

Selector field of domain profile.  This forms the 

s

 tag 

of the Domain-Keys signature.

Comma separated list of domain profile users.  Users 
are used to match against email addresses to 
determine if a specific domain profile should be used 
to sign an email. Use the special keyword 

all

 to 

match all domain users.

The name of the private key that will be used for 
signing.

The canonicalization algorithm to use when signing 
by DK. Currently supported algorithms are 

simple

 

and 

nofws

. Default is 

nofws

.

The body canonicalization algorithm of to use when 
signing by DKIM.  Currently supported algorithms 
are 

simple

 and 

relaxed

. Default is 

simple

.

The headers canonicalization algorithm of to use 
when signing by DKIM.  Currently supported 
algorithms are 

simple

 and 

relaxed

. Default is 

simple

.

Number of bytes of canonicalized body that are used 
to calculate the signature.  Is used only in DKIM 
profiles.  If used this value becomes 

l

 tag of the 

signature.  By default it is not used.