If you get dmarc report emails and extract the source ip and store them in
a file you can have all kinds of fun with policy failures with geoip,
sorting and that kind of stuff, also it could be processed as a firewall
script input.
1 AR , 200.89.142.106
1 CN , 101.67.136.137 etc
Most
Am 26.04.2017 um 01:28 schrieb Anthony Purcell via dmarc-discuss:
> Numbers on policy requested is what I’m after.
You mean something like this (for opendmarc)?
mysql> SELECT requests.policy, count(*)
-> from messages
-> join requests ON requests.domain = messages.from_domain
->
Numbers on policy requested is what I’m after.
Thanks,
Anthony
> On Apr 25, 2017, at 9:52 AM, Brandon Long wrote:
>
> Are you looking for the policy applied or the policy requested? Also, I
> would imagine this is heavily different depending on the receiver.
>
> Brandon
>
Are you looking for the policy applied or the policy requested? Also, I
would imagine this is heavily different depending on the receiver.
Brandon
On Tue, Apr 25, 2017 at 6:23 AM, Anthony Purcell via dmarc-discuss <
dmarc-discuss@dmarc.org> wrote:
> Hi John,
>
> I'm looking for something
Hi John,
I'm looking for something simpler. A breakdown of how much mail was
p=reject,accept,quarantine
10% accept
40% quarantine
Make sense?
Thanks,
> On Apr 24, 2017, at 17:12, John Wilson wrote:
>
> Anthony,
>
> Do you mean "versus local
Anthony,
Do you mean "versus local policy-overrides"?
John
On Mon, Apr 24, 2017 at 4:33 PM, Anthony Purcell via dmarc-discuss <
dmarc-discuss@dmarc.org> wrote:
> Hello,
>
> I was wondering if any dmarc implementors had any stats on what percentage
> of your mail stream matches the various