Murray S. Kucherawy wrote:
I’ve got as a task for the next major OpenDKIM release a reworking of
our statistics collection component. This is something that’s off by
default; one must specifically enable it both at compile time and at
run time.
What I’m considering is a change to the code so that it collects a
larger set of interesting things instead of just pass/fail counts,
which canonicalizations are in use, what signing algorithm is in use,
whether or not “l=” is in use, and the date/time a domain was last
seen. Some of the data I’m looking at collecting include:
- On failure, whether or not the “bh” matched (so you can tell whether
it was a body change or a header change that broke it)
- On failure, if “z=” was present, record the name of the header(s)
that were changed
- Use of g=, t= in keys
- Use of x=, t=, z=, l= in signatures
- If l= was used, how often extra data was present
- Count of times t= was used and contained a future timestamp
- Count of retrieved key records that contained a syntax error
- Count of signatures referencing nonexistent keys
- ADSP statistics
- Count of third-party signatures
- Count of messages containing multiple signatures
For those of you thinking about statistics regarding DKIM, have I
missed any that might be useful to the working group?
If we're just talking about a statistics _collection_ component I'd add
the date/time of a DKIM sign/verify action, in order to be able to
generate trend reports over longer periods of time. If we're talking
about a statistics _analysis_ tool, then I'd vote for some trend report
'buttons'.
/rolf
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html