I've got a few users on my server that forward their email to gmail, and
sometimes my server accepts email that gmail rejects bounces back to me.
When that happens I try to see if there is something I could have done
better on my server so that I wouldn't have accepted that email in the
first place. Today I had a bounce with the following message:
Remote host said: 550-5.7.1 Unauthenticated email from aol.com is not
accepted due to domain's
550-5.7.1 DMARC policy. Please contact the administrator of aol.com domain
550-5.7.1 this was a legitimate mail. Please visit
550-5.7.1 https://support.google.com/mail/answer/2451690 to learn about the
550 5.7.1 DMARC initiative. i6si10846092pgt.798 - gsmtp
Looking at the message and the headers, it was clearly spam with a forged
sender. It's exactly the kind of email I don't want to accept, let alone
forward to another service.
How can I add DMARC policy checking to my filter path, to prevent my server
from accepting this junk in the first place?