rules { ANTISPOOF { action = "reject"; expression = "((R_DKIM_NA & R_SPF_NA & DMARC_NA & ARC_NA)|BLACKLIST_ANTISPOOF) & IS_LOCAL_DOMAIN"; message = "Rejected (anti-spoofing)"; } }