Am 12.01.2016 um 15:03 schrieb Gerhard Rappenecker:
I'd like to discard, reject or quarantine mails from a specific domain, but only if they have no or no valid DKIM signature.
it's your policy but usually it's wrong to reject on no or no valid DKIM signature ¹) You want DMARC but DMARC validation is not implemented in amavisd-new we run a pipeline of milters here: - smf-spf milter for SPF validation - opendkim for DKIM validation - opendmarc to inspect SPF+DKIM result and apply a policy - amavisd-milter for content inspection Andreas ¹) https://tools.ietf.org/html/rfc6376#section-6.1: ... a Verifier SHOULD NOT treat a message that has one or more bad signatures and no good signatures differently from a message with no signature at all.
