this works for me

2 years ago · af87456faf
parent be4dd6d84a
commit af87456faf
3 changed files with 23 additions and 7 deletions
--- a/core/rspamd/conf/force_actions.conf
+++ b/core/rspamd/conf/force_actions.conf
@ -1,7 +1,17 @@
 rules {
-  ANTISPOOF {
+  ANTISPOOF_NOAUTH {
    action = "reject";
-    expression = "((R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA)|BLACKLIST_ANTISPOOF) & IS_LOCAL_DOMAIN";
-    message = "Rejected (anti-spoofing)";
+    expression = "(IS_LOCAL_DOMAIN_E & MISSING_FROM) | (IS_LOCAL_DOMAIN_H & (R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA))";
+    message = "Rejected (anti-spoofing noauth)";
+  }
+  ANTISPOOF_DMARC_ENFORCE_LOCAL {
+    action = "reject";
+    expression = "((IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE)";
+    message = "Rejected (anti-spoofing DMARC-enforce for local domains)";
+  }
+  ANTISPOOF_AUTH_FAILED {
+    action = "reject";
+    expression = "BLACKLIST_ANTISPOOF";
+    message = "Rejected (anti-spoofing auth-failed)";
  }
 }
--- a/core/rspamd/conf/multimap.conf
+++ b/core/rspamd/conf/multimap.conf
@ -1,5 +1,11 @@
-IS_LOCAL_DOMAIN {
-  type = "from";
-  filter = "email:domain";
+IS_LOCAL_DOMAIN_H {
+  type = "selector"
+  selector = "from('mime'):domain";
+  map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
+}
+
+IS_LOCAL_DOMAIN_E {
+  type = "selector"
+  selector = "from('smtp'):domain";
  map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
 }
--- a/core/rspamd/conf/whitelist.conf
+++ b/core/rspamd/conf/whitelist.conf
@ -3,6 +3,6 @@ rules {
            valid_dmarc = true;
            blacklist = true;
            domains = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
-            score = 15.0;
+	    score = 99.0;
        }
 }