On 2021-09-17 14:40, Christian Schmitz wrote:
DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=garena.com;
q=dns/txt;
s=mailo; t=1631836303; h=Content-Transfer-Encoding: Content-Type:
MIME-Version: Message-ID: Date: Subject: To: From: Sender;
ifplugin Mail::SpamAssassin::Plugin::DKIM
# full __L_DKIM_VALID_TWITTER eval:check_dkim_valid(twitter.com)
# header __L_FROM_TWITTER From:addr =~ /[\@.]twitter\.com$/mi
# meta L_FAKE_TWITTER __L_FROM_TWITTER && !__L_DKIM_VALID_TWITTER
# score L_FAKE_TWITTER 5
# full __L_DKIM_VALID_YAHOO_COM eval:check_dkim_valid(yahoo.com)
# header __L_FROM_YAHOO_COM From:addr =~ /[\@.]yahoo\.com$/mi
# meta L_FAKE_YAHOO_COM __L_FROM_YAHOO_COM &&
!__DOS_HAS_MAILING_LIST && !__L_DKIM_VALID_YAHOO_COM
# describe L_FAKE_YAHOO_COM Meta: yahoo.com never send dkim unsigned
# score L_FAKE_YAHOO_COM 5
full __L_DKIM_VALID_GARENA_COM eval:check_dkim_valid(garena.com)
header __L_FROM_GARENA_COM From:addr =~ /[\@.]garena\.com$/mi
meta L_GARENA_COM __L_FROM_GARENA_COM && !__DOS_HAS_MAILING_LIST
&& !__L_DKIM_VALID_GARENA_COM
describe L_GARENA_COM Meta: garena known spam sender dkim domain
score L_GARENA_COM 5
endif
adj as needed