On Mon, 19 Apr 2021 19:03:55 +0200 Matus UHLAR - fantomas wrote:

> >On 19 Apr 2021, at 11:30, Matus UHLAR - fantomas wrote:
> >> I understand this as:
> >>
> >> if mail was received by internal relay unauthenticated, it's
> >> external,
>
> On 19.04.21 12:49, Bill Cole wrote:
> >I cannot make SA behave that way.
>
> why not?
>
> meta KAM_DMARC_REJECT __LAST_EXTERNAL_RELAY_NO_AUTH &&
> !(DKIM_VALID_AU || SPF_PASS) && __KAM_DMARC_POLICY_REJECT
>
> should avoid KAM_DMARC_REJECT if the mail was accepted authenticated
> by internal relay from external one.
>

__LAST_EXTERNAL_RELAY_NO_AUTH will hit if an email arrived in the internal network from external-trusted.