this works for me
parent
be4dd6d84a
commit
af87456faf
@ -1,7 +1,17 @@
|
|||||||
rules {
|
rules {
|
||||||
ANTISPOOF {
|
ANTISPOOF_NOAUTH {
|
||||||
action = "reject";
|
action = "reject";
|
||||||
expression = "((R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA)|BLACKLIST_ANTISPOOF) & IS_LOCAL_DOMAIN";
|
expression = "(IS_LOCAL_DOMAIN_E & MISSING_FROM) | (IS_LOCAL_DOMAIN_H & (R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA))";
|
||||||
message = "Rejected (anti-spoofing)";
|
message = "Rejected (anti-spoofing noauth)";
|
||||||
|
}
|
||||||
|
ANTISPOOF_DMARC_ENFORCE_LOCAL {
|
||||||
|
action = "reject";
|
||||||
|
expression = "((IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE)";
|
||||||
|
message = "Rejected (anti-spoofing DMARC-enforce for local domains)";
|
||||||
|
}
|
||||||
|
ANTISPOOF_AUTH_FAILED {
|
||||||
|
action = "reject";
|
||||||
|
expression = "BLACKLIST_ANTISPOOF";
|
||||||
|
message = "Rejected (anti-spoofing auth-failed)";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,11 @@
|
|||||||
IS_LOCAL_DOMAIN {
|
IS_LOCAL_DOMAIN_H {
|
||||||
type = "from";
|
type = "selector"
|
||||||
filter = "email:domain";
|
selector = "from('mime'):domain";
|
||||||
|
map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
|
||||||
|
}
|
||||||
|
|
||||||
|
IS_LOCAL_DOMAIN_E {
|
||||||
|
type = "selector"
|
||||||
|
selector = "from('smtp'):domain";
|
||||||
map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
|
map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue