>> >> Hi Wolfgang, >> >> On 28/09/15 16:24, haman...@t-online.de wrote: >> > I have installed dkim on qmail (not sure about details, it is working >> > since a few years) >> > Your original post said there was SPF fail on the incoming message, so you >> > could already >> > score on that. >> Looks like my setup ignores it. Where's the best place to update that >> scoring? >> > I have enabled plugin support on qmail (not sure whether that is contained >> > in your package), >> > and I have worked on qmail-scanner-queue.pl >> >> I have qmail-scanner-queue.pl installed for Spamassassin and ClamAV. I also >> have the >> Mail::SpamAssassin::Plugin::DKIM configured in: >> >> # grep loadplugin /etc/mail/spamassassin/v312.pre >> loadplugin Mail::SpamAssassin::Plugin::DKIM >> >> > Both are good places to add extra filtering. The plugin would outright >> > reject mail, >> > where qmail-scanner would rather tag it as "potential virus" >> > So if you are very sure that nobody in your organisation would ever send >> > from your domain >> > through a different mail server (maybe when sending from a mobile), you >> > should probably use >> > the plugin. A plugin is an executable (script) that reads ENV variables >> > like SMPTMAILFROM >> > and SMTPRCPTTO and either does nothing or outputs a single line of text >> > like >> > E550 your mail is not welcome. Go away >> >> Nobody should be sending from a different mail server. We use IMAPS and >> authenticated SMTPS for >> external users (mobiles, laptops, etc.). >> Hi Tom,
you might try to change your scores for SPF_FAIL, DKIM_FAIL etc. (but you might have some legit mail tagged as spam) About plugins: I was talking about qmail plugins rather than SA plugins, so mail is checked and possibly rejected during the SMTP transaction. It is also possible to do SPF and DKIM verification inside qmail. I am pretty sure I had to patch qmail to enable these things, but that was probably ten years ago. I have no idea whether current install packages include them Regards Wolfgang
