From af87456faf65ffbe133e451fa7f002983d7e282a Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Thu, 20 Oct 2022 10:24:10 +0200
Subject: [PATCH] this works for me

---
 core/rspamd/conf/force_actions.conf | 16 +++++++++++++---
 core/rspamd/conf/multimap.conf      | 12 +++++++++---
 core/rspamd/conf/whitelist.conf     |  2 +-
 3 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/core/rspamd/conf/force_actions.conf b/core/rspamd/conf/force_actions.conf
index 20bf9245..0d1d1a2b 100644
--- a/core/rspamd/conf/force_actions.conf
+++ b/core/rspamd/conf/force_actions.conf
@@ -1,7 +1,17 @@
 rules {
-  ANTISPOOF {
+  ANTISPOOF_NOAUTH {
     action = "reject";
-    expression = "((R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA)|BLACKLIST_ANTISPOOF) & IS_LOCAL_DOMAIN";
-    message = "Rejected (anti-spoofing)";
+    expression = "(IS_LOCAL_DOMAIN_E & MISSING_FROM) | (IS_LOCAL_DOMAIN_H & (R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA))";
+    message = "Rejected (anti-spoofing noauth)";
+  }
+  ANTISPOOF_DMARC_ENFORCE_LOCAL {
+    action = "reject";
+    expression = "((IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE)";
+    message = "Rejected (anti-spoofing DMARC-enforce for local domains)";
+  }
+  ANTISPOOF_AUTH_FAILED {
+    action = "reject";
+    expression = "BLACKLIST_ANTISPOOF";
+    message = "Rejected (anti-spoofing auth-failed)";
   }
 }
diff --git a/core/rspamd/conf/multimap.conf b/core/rspamd/conf/multimap.conf
index dd2ffa61..dd25c08e 100644
--- a/core/rspamd/conf/multimap.conf
+++ b/core/rspamd/conf/multimap.conf
@@ -1,5 +1,11 @@
-IS_LOCAL_DOMAIN {
-  type = "from";
-  filter = "email:domain";
+IS_LOCAL_DOMAIN_H {
+  type = "selector"
+  selector = "from('mime'):domain";
+  map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
+}
+
+IS_LOCAL_DOMAIN_E {
+  type = "selector"
+  selector = "from('smtp'):domain";
   map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
 }
diff --git a/core/rspamd/conf/whitelist.conf b/core/rspamd/conf/whitelist.conf
index fcde167a..208ca203 100644
--- a/core/rspamd/conf/whitelist.conf
+++ b/core/rspamd/conf/whitelist.conf
@@ -3,6 +3,6 @@ rules {
             valid_dmarc = true;
             blacklist = true;
             domains = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
-            score = 15.0;
+	    score = 99.0;
         }
 }