I have a number of domains that I'm trying to whitelist. They hit DKIM_VALID and SPF_PASS but all don't hit DKIM_VALID_AU. First, why would they hit DKIM_VALID and not DKIM_VALID_AU?
>From >bounce-mc.us1_1211649.1262601-kelly.boschen=example....@mail93.suw13.rsgsv.net Sat Jul 29 14:23:05 2017 From: =?utf-8?Q?Lifehacker=20Newsletter?= <newslet...@lifehacker.com> What is mail93.suw13.rsgsv.net? Can we be assured that's the host designated to this sender? And of course I'm assuming there's the potential they could reuse that host for another customer at some point in the future. Would whitelist_auth *@mail93.suw13.rsgsv.net whitelist only mail from lifehacker? Or would I have to use whitelist_from_rcvd? Another example: >From deerpark+caf_=44451=example....@gmail.com Sat Jul 29 09:43:33 2017 From: "Office Depot" <rewa...@e.officedepot.com> In this case I can't use whitelist_auth *@gmail.com, but using whitelist_from_rcvd and gmail.com is not a good idea either. I'm also curious what Google service Office Depot is using to route their mail? Is it just GMail for Business or something? My third example: >From >0101015d8f37100b-117c2da7-b060-4247-a511-6e473d6822c2-000...@us-west-2.amazonses.com Sat Jul 29 12:39:02 2017 From: Southwest Airlines <surv...@southwest.magid.com> This also passed DKIM_VALID_AU and SPF_PASS. How do you whitelist mail that is routed through amazon? I realize I could probably get away without whitelisting all of these and never have a problem. These are just examples (and to better understand). I'd also like to be able to increase scores of other rules affecting these emails and not have to worry about them becoming false-positives.
