I wondered if there is a way to verify the correctness/validity of DKIM implementations without actually triggering an email event or sending an email to an external validator. So, remotely, on any domain.
I was thinking about fetching the DNS TXT records (DKIM selectors). But I suppose only the most common can be checked, leaving the certainty of the correctness of the DKIM implementation basically still unknown. Assuming that the DNS server is well configured and does not dump the whole zone file including DKIM selectors using an AXFR request.
Secondly, if we actually did see the full DNS configuration, or managed to get the DKIM related DNS records with 100% certainty, would it be possible to check the correctness of that implementation (partly) without triggering an email event.
Long story short: I'm searching for ways to identify and pinpoint possible mistakes in DKIM implementations.