> On Mon, Apr 19, 2021 at 10:05:21PM +1000, Simon Wilson wrote:
rather than change the channel distributed KAM.cf, what needs to go in
local.cf to tell that not to run? *CAN* it be disabled from local.cf, or can
it only be done by commenting out the entry in KAM.cf?
It would not make any sense to not be able to override things. Or edit a
channel file which would later be overwritten? Of course you can disable it
in local.cf:
score __KAM_DMARC_POLICY_REJECT 0
Thanks Henrik -
So KAM.cf's
askdns __KAM_DMARC_POLICY_REJECT _dmarc._AUTHORDOMAIN_ TXT
/^v=DMARC1;.*\bp=reject;/
is prevented from running its DNS query by setting in local.cf:
score __KAM_DMARC_POLICY_REJECT 0
That is what I wanted to understand :) thanks.
So the best way to disable the KAM DMARC rules is not to set score 0
on the metas, but set score 0 on the askdns rules:
score __KAM_DMARC_POLICY_REJECT 0
score __KAM_DMARC_POLICY_QUAR 0
score __KAM_DMARC_POLICY_NONE 0
score __KAM_DMARC_POLICY_DKIM_STRICT 0
... as then the metas will never pass.
--
Simon Wilson
M: 0400 12 11 16
