|
|
@ -2,16 +2,16 @@ rules {
|
|
|
|
ANTISPOOF_NOAUTH {
|
|
|
|
ANTISPOOF_NOAUTH {
|
|
|
|
action = "reject";
|
|
|
|
action = "reject";
|
|
|
|
expression = "(IS_LOCAL_DOMAIN_E & MISSING_FROM) | (IS_LOCAL_DOMAIN_H & (R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA))";
|
|
|
|
expression = "(IS_LOCAL_DOMAIN_E & MISSING_FROM) | (IS_LOCAL_DOMAIN_H & (R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA))";
|
|
|
|
message = "Rejected (anti-spoofing noauth)";
|
|
|
|
message = "Rejected (anti-spoofing: noauth). Please setup DMARC with DKIM or SPF if you want to send emails from your domain from other servers.";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ANTISPOOF_DMARC_ENFORCE_LOCAL {
|
|
|
|
ANTISPOOF_DMARC_ENFORCE_LOCAL {
|
|
|
|
action = "reject";
|
|
|
|
action = "reject";
|
|
|
|
expression = "((IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE)";
|
|
|
|
expression = "((IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE)";
|
|
|
|
message = "Rejected (anti-spoofing DMARC-enforce for local domains)";
|
|
|
|
message = "Rejected (anti-spoofing: DMARC is enforced for local domains)";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ANTISPOOF_AUTH_FAILED {
|
|
|
|
ANTISPOOF_AUTH_FAILED {
|
|
|
|
action = "reject";
|
|
|
|
action = "reject";
|
|
|
|
expression = "BLACKLIST_ANTISPOOF";
|
|
|
|
expression = "BLACKLIST_ANTISPOOF";
|
|
|
|
message = "Rejected (anti-spoofing auth-failed)";
|
|
|
|
message = "Rejected (anti-spoofing: auth-failed)";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|