From: Murray S. Kucherawy <msk@se...> - 2007-04-25 22:12:46
On Wed, 25 Apr 2007, SM wrote:
> Here are some dkim-milter statistics:
> The gmail.com dkim verification failures are mostly from emails coming
> through mailing lists.
That was sample output from SM's dkim-filter installation, compiled with
_FFR_STATS. The output isn't polished yet, so here's a translation until
I've spent some more time on it:
> gmail.com:1/1 1 pass/8 fail, last v=2, l=0, a=0, Wed Apr 25 10:25:47 2007
The line describes accumulated stats of mail seen from gmail.com using
relaxed/relaxed (1/1; 0/0 would be simple/simple, etc.) canonicalization.
One message has passed verification while eight have failed outright
(neutral results are not counted). The last message seen appeared to be
using ietf-base-00 signatures, wasn't partially signed, was signed using
rsa-sha1 (1 would have been rsa-sha256), and was seen at Wed Apr 25
The tab separates the key in the database from the data, which means the
entries in this database are grouped by domain and canonicalizations used.
I felt this would make it easy to break down a domain by
canonicalizations, or you could run through all the keys and get summaries
for each canonicalization across all domains.
I'm open to suggestions for better data groupings, database organization,
reports to generate, etc.