Marc, I've added __ML!-5 as per documentation of amavisd 2.6.x . I've added the other settings and will test it for the next couple of days.
Thnx, Alrik On Fri, Aug 21, 2009 at 3:42 PM, Mark Martinec<mark.martinec+ama...@ijs.si> wrote: > Alrik, > >> I have DKIM up and running with amavisd and spamassassin. Validation >> works fine for my own domain (e.g. mydomain.com) and other domains >> like gmail.com. In order to minimize the "UNSOLICITED BULK EMAIL, >> apparently from you" messages, I would like to reject message that are >> sent with a from address of mydomain.com with no or no valid DKIM >> result. >> >> I followed the documentation and added to local.cf: >> >> header __AUTH_MYDOMAINCOM From:addr =~ m...@mydomain\.com$}mi >> describe __AUTH_MYDOMAINCOM Author claims to be from mydomain.com >> >> meta NOTVALID_MYDOMAINCOM (!DKIM_VERIFIED || !DKIM_SIGNED) && >> __AUTH_MYDOMAINCOM >> priority NOTVALID_MYDOMAINCOM 500 >> describe NOTVALID_MYDOMAINCOM Claims to be from mydomain.com but is not >> >> score NOTVALID_MYDOMAINCOM 6.0 >> >> Is this the way to go? A problem I foresee is that emails sent from >> us...@mydomain.com to us...@mydomain.com doesn't get DKIM signed. So >> in the above method, these emails will be marked as spam. Which I >> obviously don't want. > > As Thomas said, using the new DKIM plugin (SA 3.3.0) can save you the > trouble of writing rules like above by introducing support for ADSP > and a SA configuration command 'adsp_override'. > > But as you noticed, this approach is probably not the best to fight > incoming mail claiming to be from your own domain: > > - on originating mail (submitted from inside) which is to be signed > by amavisd, the invoked SpamAssassin does not yet see the coming > signature, so it would see a message as unsigned. A way around this > is to add a rule to test for locally submitted mail, and exclude > such from your meta rule: > > header __L_MYNETS X-Amavis-PolicyBank =~ m{(\A|/)(MYNETS|ORIGINATING)(/|$)}m > > - the other problem is that mail sent from your users to most mailing > lists comes back modified (advertising, disclaimers, ...) thus breaking > a DKIM signature, yet still contains the original From address, which > will trigger your rule. > > Here as the rules used at our site, which work fairly well: > > header __ML1 Precedence =~ m{\b(list|bulk)\b}i > header __ML2 exists:List-Id > header __ML3 exists:List-Post > header __ML4 exists:Mailing-List > header __ML5 Return-Path:addr =~ > m{^([...@]+-(request|bounces|admin|owner)|owner-...@]+)(\@|\z)}mi > meta __VIA_ML __ML1 || __ML2 || __ML3 || __ML4 || __ML5 > describe __VIA_ML Mail from a mailing list > > # adjust for your domain(s): > header __L_FROM_MY_ENV Return-Path:addr =~ /\a...@.]example\.com$/mi > header __L_FROM_MY_AUTHOR From:addr =~ > /\@([...@]*\.)?example\.com$/mi > > meta L_FOREIGN_MY_ENV !(DKIM_VALID || __L_MYNETS) && __L_FROM_MY_ENV > score L_FOREIGN_MY_ENV 2.5 > > meta L_FOREIGN_MY_AUTHOR !(DKIM_VALID || __L_MYNETS || __VIA_ML) && > __L_FROM_MY_AUTHOR > score L_FOREIGN_MY_AUTHOR 2.0 > > > Btw, the __ML[1-5] and __VIA_ML are already in the file 20_head_tests.cf > as distributed with SA 3.3.0 (alpha2) ruleset. > > Mark > > ------------------------------------------------------------------------------ > Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day > trial. Simplify your report design, integration and deployment - and focus on > what you do best, core application coding. Discover what's new with > Crystal Reports now. http://p.sf.net/sfu/bobj-july > _______________________________________________ > AMaViS-user mailing list > AMaViS-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ > ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/