Hello Gerhard, you could try a custom spamassassin rule.
These rules go into ~amavis/.spamassassin/user_prefs There are already some SPF/DKIM rules in spamassassin. See file 25_spf.cf or 25_dkim.cf of spamassassin. # Then you create a rule to identify your domain: header MY_FROM From =~ /example.com/i describe MY_FROM Sender is from example.com # Now you create a rule to combine them: meta MY_FROM_WITHOUT_SPF MY_FROM && (SPF_NONE || SPF_FAIL) describe MY_FROM_WITHOUT_SPF Sender is from my domain, but has no SPF score MY_FROM_WITHOUT_SPF 9 # or: meta MY_FROM_WITHOUT_DKIM MY_FROM && !DKIM_VALID describe MY_FROM_WITHOUT_DKIM Sender is from my domain, but has no DKIM score MY_FROM_WITHOUT_DKIM 9 The high score tells amavis to quarantine such mails. Please check, if the above criteria are really useful for you. Have a look in /usr/share/spamassassin/ . Maybe some other criteria is more apropriate? Test before using this in production. See "debug-sa" parameter to amavis. Best Regards Matthias Am 13.01.2016 um 17:19 schrieb Gerhard Rappenecker: > Hello all, > > thanks a lot for all answers. > > It seems I have to use SPF or DMARC to get what I want. Unfortunately these > components are not integrated in the SuSE Linux software distribution. I'd > like to use only the onboard resources postfix, amavis-new with DCIM, > spamassassin because of automatic updating. > > Is there actually no way in amavis (or spamassassin) to reject/quaratine > mails from a specific sender with no or an invalid DKIM signatur? > Is there any way to reject those mails in postfix after amavis DKIM verifying? > > I've allready tried to check the headers in postfix for DKIMs > "Authentication-Results", but "header_checks" take place before the DKIM > verification and "smtp_header_checks" do not allow to cutoff the mail > delivery. > > Hope anyone can help me > > best regards > Gerhard > > >>>> Maurizio Marini <[email protected]> schrieb am Mittwoch, 13. Januar >>>> 2016 um > 12:27 in Nachricht <[email protected]>: >> On Wed, 13 Jan 2016 12:01:52 +0100 >> "Gerhard Rappenecker" <[email protected]> wrote: >> >>> My intention is, to reject mail from outside with a faked sender adress >>> of our own domain. In the past we were attacked by such mails to our >>> mailinglists. >> Hello Gerhard >> I use spf with -all instead of ~all to do exactly what you want. >> I do not received anymore spam with my domain in from address >> I mean: @datalogica.com >> -m > > >
