Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 21:28, John Hardin wrote: On Mon, 19 Apr 2021, Bill Cole wrote: On 19 Apr 2021, at 11:05, Matus UHLAR - fantomas wrote: On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussi

Re: Spamassassin goes to folder spam

On Tue, 20 Apr 2021, mau...@gmx.ch wrote: if header :contains "To" users@spamassassin.apache.org { This header might be a better check: List-Id: -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.org

Re: KAM_DMARC_REJECT on internal emails

On Mon, 19 Apr 2021, Bill Cole wrote: On 19 Apr 2021, at 11:05, Matus UHLAR - fantomas wrote: On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussion with this mailing list on the subject last

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 18:25, RW wrote: On Mon, 19 Apr 2021 15:54:00 -0400 Bill Cole wrote: It's clear to me that excluding the original message (given as an example by the OP in a side-branch of this thread) from DMARC verification could be done with a ALL_INTERNAL I've been a bit distracted

Re: Spamassassin goes to folder spam

On 2021-04-20 01:12, mau...@gmx.ch wrote: Hello Asking for litle help…. Doevecot and sieve are running fine…. One thing now, if receiving mail from Users-spamassassin This mail will by forwarding from sieve to folder spam. I didn't see why this will transfer there. Dovecot 2.3.4.1 (f79e8e7e4)

Re: Spamassassin goes to folder spam

Den 20-04-2021 kl. 01:12 skrev mau...@gmx.ch: > > Hello > > Asking for litle help…. Doevecot and sieve are running fine…. One > thing now, if receiving mail from Users-spamassassin > > This mail will by forwarding from sieve to folder spam. I didn’t see > why this will transfer there. > Your messa

Spamassassin goes to folder spam

Hello Asking for litle help.. Doevecot and sieve are running fine.. One thing now, if receiving mail from Users-spamassassin This mail will by forwarding from sieve to folder spam. I didn't see why this will transfer there. Dovecot 2.3.4.1 (f79e8e7e4) - Debain 10 Sieve if header :contain

Re: KAM_DMARC_REJECT on internal emails

On Mon, 19 Apr 2021 15:54:00 -0400 Bill Cole wrote: > > It's clear to me that excluding the original message (given as an > example by the OP in a side-branch of this thread) from DMARC > verification could be done with a ALL_INTERNAL I've been a bit distracted today and I've already misunder

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 14:57, RW wrote: On Mon, 19 Apr 2021 13:46:57 -0400 Bill Cole wrote: On 19 Apr 2021, at 13:26, RW wrote: I'm not 100% sure, but I think localhost, unlike private addresses, is always internal/trusted. I don't think that is relevant to the original message at hand or to

Re: KAM_DMARC_REJECT on internal emails

On Mon, 19 Apr 2021 13:46:57 -0400 Bill Cole wrote: > On 19 Apr 2021, at 13:26, RW wrote: > > I'm not 100% sure, but I think localhost, unlike private addresses, > > is always internal/trusted. > > I don't think that is relevant to the original message at hand or to > what I'm trying to match

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 13:26, RW wrote: On Mon, 19 Apr 2021 13:20:37 -0400 Bill Cole wrote: On 19 Apr 2021, at 13:03, Matus UHLAR - fantomas wrote: On 19 Apr 2021, at 11:30, Matus UHLAR - fantomas wrote: I understand this as: if mail was received by internal relay unauthenticated, it's externa

Re: Senderscore

And btw, usually on the DNS infos of Senderscores, you can see about 3 days of lag compared to their online interface, dunno if expected on their side, or they're facing perf issues, but that service is not a top priority at all at least On Mon, Apr 19, 2021 at 7:29 PM Simon Bressier wrote: > > H

Re: Senderscore

Hi Simon, For info for few days now, the Senderscore DNS server is failing to answer. I've pinged one relation I have at Validity so they can dig on it. Senderscore via DNS is a legacy service they just maintain but dunno for how long... They are more on a mood to stop that service in the future

Re: KAM_DMARC_REJECT on internal emails

On Mon, 19 Apr 2021 13:20:37 -0400 Bill Cole wrote: > On 19 Apr 2021, at 13:03, Matus UHLAR - fantomas wrote: > > >> On 19 Apr 2021, at 11:30, Matus UHLAR - fantomas wrote: > >>> I understand this as: > >>> > >>> if mail was received by internal relay unauthenticated, it's > >>> external, >

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 13:03, Matus UHLAR - fantomas wrote: On 19 Apr 2021, at 11:30, Matus UHLAR - fantomas wrote: I understand this as: if mail was received by internal relay unauthenticated, it's external, On 19.04.21 12:49, Bill Cole wrote: I cannot make SA behave that way. why not? Wh

Re: KAM_DMARC_REJECT on internal emails

On Mon, 19 Apr 2021 19:03:55 +0200 Matus UHLAR - fantomas wrote: > >On 19 Apr 2021, at 11:30, Matus UHLAR - fantomas wrote: > >> I understand this as: > >> > >> if mail was received by internal relay unauthenticated, it's > >> external, > > On 19.04.21 12:49, Bill Cole wrote: > >I cannot make

Re: KAM_DMARC_REJECT on internal emails

On Mon, 19 Apr 2021 09:46:48 -0400 Bill Cole wrote: > On 19 Apr 2021, at 9:26, Matus UHLAR - fantomas wrote: > > >> On 19 Apr 2021, at 8:42, Simon Wilson wrote: > >>> Yes, my trusted_networks, internal_networks and msa_networks are > >>> all set correctly... I had a long discussion with this ma

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 11:30, Matus UHLAR - fantomas wrote: I understand this as: if mail was received by internal relay unauthenticated, it's external, On 19.04.21 12:49, Bill Cole wrote: I cannot make SA behave that way. why not? meta KAM_DMARC_REJECT __LAST_EXTERNAL_RELAY_NO_AUTH && !(

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 11:30, Matus UHLAR - fantomas wrote: > I understand this as: > > if mail was received by internal relay unauthenticated, it's external, I cannot make SA behave that way. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com

Re: KAM_DMARC_REJECT on internal emails

On 2021-04-19 17:30, Matus UHLAR - fantomas wrote: I understand this as: if mail was received by internal relay unauthenticated, it's external, and therefore, should be subject to DMARC checks. and 127.0.0.1 ::1 is hardcoded in spamasassasin, opendmarc skips if client ip is loopback interf

How do you set nomail for the List?

How do you set nomail for the List?

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussion with this mailing list on the subject last year and got excellent help on resolving that! :) On 19.04.21 09:17, Bill Cole wrote: Then the

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 11:05, Matus UHLAR - fantomas wrote: On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussion with this mailing list on the subject last year and got excellent help on resolving

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussion with this mailing list on the subject last year and got excellent help on resolving that! :) On 19.04.21 09:17, Bill Cole wrote: Then the

Re: KAM_DMARC_REJECT on internal emails

On Mon, Apr 19, 2021 at 10:05:21PM +1000, Simon Wilson wrote: > > askdns __KAM_DMARC_POLICY_REJECT _dmarc._AUTHORDOMAIN_ TXT > /^v=DMARC1;.*\bp=reject;/ > > run anyway? Or only if the resultant metas which call on them have a score > value <> 0? Askdns is like any other rule, it does what it's t

Re: KAM_DMARC_REJECT on internal emails

On 2021-04-19 14:42, Simon Wilson wrote: askdns __KAM_DMARC_POLICY_REJECT _dmarc._AUTHORDOMAIN_ TXT /^v=DMARC1;.*\bp=reject;/ run anyway? note rulename starts with __ ? Yes, and the doco says "...rules start with a double underscore, so they are run and treated as having no score". So my q

Re: KAM_DMARC_REJECT on internal emails

On 2021-04-19 15:46, Bill Cole wrote: On 19 Apr 2021, at 9:26, Matus UHLAR - fantomas wrote: On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussion with this mailing list on the subject last ye

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 9:26, Matus UHLAR - fantomas wrote: On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussion with this mailing list on the subject last year and got excellent help on resolving

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussion with this mailing list on the subject last year and got excellent help on resolving that! :) On 19.04.21 09:17, Bill Cole wrote: Then the m

Re: KAM_DMARC_REJECT on internal emails

On 19 Apr 2021, at 8:42, Simon Wilson wrote: Yes, my trusted_networks, internal_networks and msa_networks are all set correctly... I had a long discussion with this mailing list on the subject last year and got excellent help on resolving that! :) Then the most direct tactic would be to modif

Re: KAM_DMARC_REJECT on internal emails

askdns __KAM_DMARC_POLICY_REJECT _dmarc._AUTHORDOMAIN_ TXT /^v=DMARC1;.*\bp=reject;/ run anyway? note rulename starts with __ ? Yes, and the doco says "...rules start with a double underscore, so they are run and treated as having no score". So my question remains - It says "are run", s

Re: KAM_DMARC_REJECT on internal emails

On 2021-04-19 14:05, Simon Wilson wrote: askdns __KAM_DMARC_POLICY_REJECT _dmarc._AUTHORDOMAIN_ TXT /^v=DMARC1;.*\bp=reject;/ run anyway? note rulename starts with __ ? Or only if the resultant metas which call on them have a score value <> 0? opendkim opendmarc openarc sid-milter all

Re: KAM_DMARC_REJECT on internal emails

- Message from RW - Date: Mon, 19 Apr 2021 12:47:02 +0100 From: RW Subject: Re: KAM_DMARC_REJECT on internal emails To: users@spamassassin.apache.org On Mon, 19 Apr 2021 16:36:58 +1000 Simon Wilson wrote: Hi list, - I'm running KAM rules in Spamassassin - Postfix por

Re: KAM_DMARC_REJECT on internal emails

On Mon, 19 Apr 2021 16:36:58 +1000 Simon Wilson wrote: > Hi list, > > - I'm running KAM rules in Spamassassin > - Postfix port 587-submitted email is sent to Amavisd (as a > content_filter) on port 10026 (tagged as ORIGINATING/MYNETS) and is > spam-checked and DKIM-signed on its way out the d

Re: KAM_DMARC_REJECT on internal emails

I'd say that a proper solution would be to DKIM-sign mail before it's spam-scanned. On 19.04.21 19:39, Simon Wilson wrote: Good point. If DKIM is signed it should pass DMARC, even if SPF fails. Amavisd handles both pieces, including DKIM signing... from looking at the headers it looks like A

Re: KAM_DMARC_REJECT on internal emails

I'd say that a proper solution would be to DKIM-sign mail before it's spam-scanned. On 19.04.21 19:39, Simon Wilson wrote: Good point. If DKIM is signed it should pass DMARC, even if SPF fails. Amavisd handles both pieces, including DKIM signing... from looking at the headers it looks like Am

Re: KAM_DMARC_REJECT on internal emails

On 19.04.21 16:36, Simon Wilson wrote: - I'm running KAM rules in Spamassassin - Postfix port 587-submitted email is sent to Amavisd (as a content_filter) on port 10026 (tagged as ORIGINATING/MYNETS) and is spam-checked and DKIM-signed on its way out the door, sent back to Postfix at port 1

Re: KAM_DMARC_REJECT on internal emails

On 19.04.21 16:36, Simon Wilson wrote: - I'm running KAM rules in Spamassassin - Postfix port 587-submitted email is sent to Amavisd (as a content_filter) on port 10026 (tagged as ORIGINATING/MYNETS) and is spam-checked and DKIM-signed on its way out the door, sent back to Postfix at port 1002

Re: Senderscore

On Mon, Apr 19, 2021 at 02:04:55PM +1000, Simon Wilson wrote: > Spamassassin on my mail server uses a local dedicated caching DNS server, > and it is only service which uses it (it's specified in local.cf). > > The last 3 days I have logged about 500 failed DNS query errors to > senderscore.com, e