lub
/
mailu
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Merge #2633

Browse Source 
2633: Don't apply antispoof rules on locally generated emails r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Don't apply antispoof rules on locally generated emails; This was breaking the auto-responder and sieve rules.

### Related issue(s)


## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
main
bors[bot] 2 years ago committed by GitHub
parent 3ffe1d2a9e 5304311e0e
commit db2a490256
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File

6
core/rspamd/conf/force_actions.conf
Unescape Escape View File

@ -1,17 +1,17 @@
rules { rules {
ANTISPOOF_NOAUTH { ANTISPOOF_NOAUTH {
action = "reject"; action = "reject";
expression = "!MAILLIST & ((IS_LOCAL_DOMAIN_E & MISSING_FROM) | (IS_LOCAL_DOMAIN_H & (R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA)))"; expression = "!IS_LOCALLY_GENERATED & !MAILLIST & ((IS_LOCAL_DOMAIN_E & MISSING_FROM) | (IS_LOCAL_DOMAIN_H & (R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA)))";
message = "Rejected (anti-spoofing: noauth). Please setup DMARC with DKIM or SPF if you want to send emails from your domain from other servers."; message = "Rejected (anti-spoofing: noauth). Please setup DMARC with DKIM or SPF if you want to send emails from your domain from other servers.";
} }
ANTISPOOF_DMARC_ENFORCE_LOCAL { ANTISPOOF_DMARC_ENFORCE_LOCAL {
action = "reject"; action = "reject";
expression = "!MAILLIST & (IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE | DMARC_NA)"; expression = "!IS_LOCALLY_GENERATED & !MAILLIST & (IS_LOCAL_DOMAIN_H | IS_LOCAL_DOMAIN_E) & (DMARC_POLICY_SOFTFAIL | DMARC_POLICY_REJECT | DMARC_POLICY_QUARANTINE | DMARC_NA)";
message = "Rejected (anti-spoofing: DMARC compliance is enforced for local domains, regardless of the policy setting)"; message = "Rejected (anti-spoofing: DMARC compliance is enforced for local domains, regardless of the policy setting)";
} }
ANTISPOOF_AUTH_FAILED { ANTISPOOF_AUTH_FAILED {
action = "reject"; action = "reject";
expression = "!MAILLIST & BLACKLIST_ANTISPOOF"; expression = "!IS_LOCALLY_GENERATED & !MAILLIST & BLACKLIST_ANTISPOOF";
message = "Rejected (anti-spoofing: auth-failed)"; message = "Rejected (anti-spoofing: auth-failed)";
} }
} }

2
core/rspamd/conf/local_subnet.map
Unescape Escape View File

@ -0,0 +1,2 @@
{{ SUBNET }}
{{ SUBNET6 }}

5
core/rspamd/conf/multimap.conf
Unescape Escape View File

@ -10,6 +10,11 @@ IS_LOCAL_DOMAIN_E {
map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains"; map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
} }
IS_LOCALLY_GENERATED {
type = "ip"
map = ["/etc/rspamd/local.d/local_subnet.map"];
}
FORBIDDEN_FILE_EXTENSION { FORBIDDEN_FILE_EXTENSION {
type = "filename"; type = "filename";
filter = "extension"; filter = "extension";

1
towncrier/newsfragments/2633.bugfix
Unescape Escape View File

@ -0,0 +1 @@
Fix a bug introduced in master whereby anything locally generated (sieve, autoresponder, ...) would be blocked by the anti-spoofing rules
Write Preview
Loading…
Cancel
Save