Re: [dmarc-discuss] Metrics on policy actions

If you get dmarc report emails and extract the source ip and store them in a file you can have all kinds of fun with policy failures with geoip, sorting and that kind of stuff, also it could be processed as a firewall script input. 1 AR , 200.89.142.106 1 CN , 101.67.136.137 etc Most

Re: [dmarc-discuss] Metrics on policy actions

Am 26.04.2017 um 01:28 schrieb Anthony Purcell via dmarc-discuss: > Numbers on policy requested is what I’m after. You mean something like this (for opendmarc)? mysql> SELECT requests.policy, count(*) -> from messages -> join requests ON requests.domain = messages.from_domain ->

Re: [dmarc-discuss] Metrics on policy actions

Numbers on policy requested is what I’m after. Thanks, Anthony > On Apr 25, 2017, at 9:52 AM, Brandon Long wrote: > > Are you looking for the policy applied or the policy requested? Also, I > would imagine this is heavily different depending on the receiver. > > Brandon >

Re: [dmarc-discuss] Metrics on policy actions

Are you looking for the policy applied or the policy requested? Also, I would imagine this is heavily different depending on the receiver. Brandon On Tue, Apr 25, 2017 at 6:23 AM, Anthony Purcell via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > Hi John, > > I'm looking for something

Re: [dmarc-discuss] Metrics on policy actions

Hi John, I'm looking for something simpler. A breakdown of how much mail was p=reject,accept,quarantine 10% accept 40% quarantine Make sense? Thanks,  > On Apr 24, 2017, at 17:12, John Wilson wrote: > > Anthony, > > Do you mean "versus local

Re: [dmarc-discuss] Metrics on policy actions

Anthony, Do you mean "versus local policy-overrides"? John On Mon, Apr 24, 2017 at 4:33 PM, Anthony Purcell via dmarc-discuss < dmarc-discuss@dmarc.org> wrote: > Hello, > > I was wondering if any dmarc implementors had any stats on what percentage > of your mail stream matches the various