Also cover the case where the DKIM sig is for another domain and there
is no explicit DMARC policy
main
Florent Daigniere 2 years ago
parent 8da6117bb9
commit 8929f54de5

@ -6,8 +6,8 @@ rules {
}
ANTISPOOF_DMARC_ENFORCE_LOCAL {
action = "reject";
expression = "((IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE)";
message = "Rejected (anti-spoofing: DMARC is enforced for local domains)";
expression = "((IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE | DMARC_NA)";
message = "Rejected (anti-spoofing: DMARC compliance is enforced for local domains, regardless of the policy setting)";
}
ANTISPOOF_AUTH_FAILED {
action = "reject";

Loading…
Cancel
Save