From db698ba9dbbf261940c3e7db3376491092ade58c Mon Sep 17 00:00:00 2001
From: Thorsten von Eicken <tve@rightscale.com>
Date: Tue, 31 May 2016 19:16:51 -0700
Subject: [PATCH] add info for verify-only DKIM

---
 docs/content/config/best-practices/dkim.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/docs/content/config/best-practices/dkim.md b/docs/content/config/best-practices/dkim.md
index e04f2200..952f1e41 100644
--- a/docs/content/config/best-practices/dkim.md
+++ b/docs/content/config/best-practices/dkim.md
@@ -12,4 +12,23 @@ Now the keys are generated, you can configure your DNS server by just pasting th
 mail._domainkey	IN	TXT	( "v=DKIM1; k=rsa; "
 	  "p=AZERTYUIOPQSDFGHJKLMWXCVBN/AZERTYUIOPQSDFGHJKLMWXCVBN/AZERTYUIOPQSDFGHJKLMWXCVBN/AZERTYUIOPQSDFGHJKLMWXCVBN/AZERTYUIOPQSDFGHJKLMWXCVBN/AZERTYUIOPQSDFGHJKLMWXCVBN/AZERTYUIOPQSDFGHJKLMWXCVBN/AZERTYUIOPQSDFGHJKLMWXCVBN" )  ; ----- DKIM key mail for domain.tld
 
+```
+
+## Verify-only
+
+If you want DKIm to only verify incoming emails, the following version of /etc/opendkim.conf may be useful (right now there is no easy mechanism for installing it other than forking the repo):
+```
+# This is a simple config file verifying messages only
+
+#LogWhy                 yes
+Syslog                  yes
+SyslogSuccess           yes
+
+Socket                  inet:12301@localhost
+PidFile               /var/run/opendkim/opendkim.pid
+
+ReportAddress           postmaster@voneicken.com
+SendReports             yes
+
+Mode                    v
 ```
\ No newline at end of file