Meta rules on not spf pass or not dkim valid Whitelist_auth *@example.org meta forged_sender_not_pass ((!spf_pass || !dkim_valid_au) && (!user_in_*)
Will be unneeded when dmarc is a spamassassin plugin, until then only something like above is possible, just exspand it to specific domain, above model is untested but should work
Give the meta a score of blacklist_from On May 18, 2015 3:35:55 PM Reindl Harald <h.rei...@thelounge.net> wrote:
well, that below could only work if the SPF-check would also hit the FROM-header and not only the envelope, in reality "blacklist_from" hits both but in case of a bounce / auto-reply with the null-sender you block it - that's bad because otherwise you could stop forging score USER_IN_BLACKLIST 50.0 score USER_IN_SPF_WHITELIST -100.0 score USER_IN_DKIM_WHITELIST -100.0 whitelist_auth *@paylife.at whitelist_auth *@sparkasse.at blacklist_from *@paylife.at blacklist_from *@sparkasse.at
