@hanno @vidister nice writeup! (and full agree on the BIMI comments ;) )
one quick Q: for "By scanning the Tranco Top 1 Million list, I collected 355,055 TXT records" how did you guess/find the selectors, unless you walked dnssec RRs or otherwise was able to dump the RRs?
@jeroen @vidister There's a sub-page with some explanations: https://16years.secvuln.info/scandkim.html Essentially: I took the most common selectors that I manually collected from emails, and removed some that I considered uninteresting (e.g. gmail's, as scanning the same gmail key a few thousand times isn't interesting)