On Mon, Mar 07, 2011 at 10:39:29AM +1100, Erik de Castro Lopo wrote:
> I'm running postfix version 2.8.1 from Debian.
>
> I've got basic pcre header checks working as they should. I'm trying
> to reject mail that has a DKIM signature that says its from att.net
> but a Message-ID ending in 'yahoo.com'.
>
> I've got this:
>
> if /^DKIM-Signature: .*; d\=att.net;/i
> /^Message-ID: .*\.yahoo\.com>/i REJECT
> endif
>
> but it doesn't seem to work. Clues?
You are lucky this does not work. Much of the att.net mail infrastructure
is operated by Yahoo. DKIM signatures are also added in messages handled
by lists, ... What you are attemtping to do is a bad idea based on a
deep misconception of the role of DKIM in email processing.
--
Viktor.
