
Re: [ietf-dkim] A record for _domainkey.$DOMAIN?

2008-10-07 03:50:12
My tests show that many of the Swedish domains will give NOERROR
because of wildcarding.

E.g.
*.domain.se     IN    A     1.2.3.4

will catch a query for _domainkey.domain.se TXT, but with no answer
since the RRs do not match.

The test could be refined by doing two tests, which will reveal any wildcarding.

The domain is probably using DKIM if the queries return this:

_domainkey.domain.se TXT     =>   NOERROR
somethingrandom123123425235._domainkey.domain.se TXT  => NXDOMAIN

If the last answer is NOERROR, then this is an indication that it was
a wildcard answer for the first question. The reason to have the
random query under _domainkey.domain.se is because wildcarding can be
used together with DKIM.

E.g.
*.domain.se     IN    A     1.2.3.4
selector._domainkey.domain.se IN TXT ....

This wildcard will not catch the nonexistent random selector.

This method will give a lower number on the DKIM usage since a
delegation of the DKIM keys will not be caught by this method. Key
delegation is allowed but will probably catch the random selector,
thus tricking the algorithm into believing that the domain is not
using DKIM.

E.g.
*._domainkey.domain.se     IN   CNAME       dkim.hosting.se

The old standard DomainKeys will also be caught by this algorithm. The
search could be much easier if ADSP was mandatory together with DKIM.
Then you would only have to evaluate:

_adsp._domainkey.domain.se IN TXT ....

Currently (2008-10-06), 331 Swedish domains are using DKIM. One is
using DNSSEC and DKIM. There are over 750 000 domain names.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
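
The two-query test from the message above, run against small simulated zones instead of live DNS. This is an added example, not part of the original message; the `rcode` and `classify` helpers and the RFC 4592 wildcard model are assumptions of this example, and a wildcard CNAME is assumed to point at a target that exists.

```python
import secrets

def rcode(owners, apex, qname):
    """RCODE an authoritative server would return for qname (any type),
    following the wildcard rules of RFC 4592."""
    owners = {o.lower() for o in owners} | {apex}
    # A name exists if it owns records or is an ancestor of a name that
    # does (an "empty non-terminal"), up to the zone apex.
    existing = set()
    for o in owners:
        labels = o.split(".")
        for i in range(len(labels)):
            name = ".".join(labels[i:])
            if name == apex or name.endswith("." + apex):
                existing.add(name)
    if qname in existing:
        return "NOERROR"  # possibly with an empty answer section
    # Closest encloser = longest existing ancestor of qname; only a
    # wildcard directly below it may synthesize an answer.
    # Assumption: a wildcard CNAME target exists, so the result is NOERROR.
    labels = qname.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if encloser in existing:
            return "NOERROR" if "*." + encloser in owners else "NXDOMAIN"
    return "NXDOMAIN"

def classify(owners, apex):
    """Apply the two-query test from the message to a simulated zone."""
    first = rcode(owners, apex, f"_domainkey.{apex}")
    rand = secrets.token_hex(12)  # very unlikely to be a real selector
    second = rcode(owners, apex, f"{rand}._domainkey.{apex}")
    if first == "NOERROR" and second == "NXDOMAIN":
        return "probably DKIM"
    if first == "NOERROR":
        return "wildcard answer"
    return "no _domainkey"

# Constructed zones: the three record sets shown in the message, plus
# one zone with neither a wildcard nor DKIM keys.
ZONES = {
    "apex wildcard only": {"*.domain.se"},
    "apex wildcard + key": {"*.domain.se", "selector._domainkey.domain.se"},
    "delegated keys": {"*._domainkey.domain.se"},
    "plain zone": {"www.domain.se"},
}

if __name__ == "__main__":
    for label, owners in ZONES.items():
        print(f"{label:22} {classify(owners, 'domain.se')}")
```

The second zone shows why the probe works: the published selector makes `_domainkey.domain.se` an empty non-terminal, so it answers NOERROR and also stops `*.domain.se` from covering names below it.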