Re: How to Bypass Specific Spamassassin Rule

2019-11-16 Thread KADAM, SIDDHESH 

Thanks All

@Henrik It worked 

On 11/15/2019 3:41 PM, Henrik K wrote:

If you don't want to hit it at all for some recipient, you can try
redefining the whole UNWANTED_LANGUAGE_BODY rule into a meta.

body __UNWANTED_LANGUAGE_BODY eval:check_language()
header __UNWANTED_LANGUAGE_SKIP X-Envelope-To =~ /\@foo\.com>/i
meta UNWANTED_LANGUAGE_BODY __UNWANTED_LANGUAGE_BODY && 
!__UNWANTED_LANGUAGE_SKIP

Note that X-Envelope-To might be Amavis specific header..  you can check
basic To header also, but it can be faked or missing unlike envelope
address.


On Fri, Nov 15, 2019 at 11:51:12AM +0530, KADAM, SIDDHESH wrote:

Hi Folks,

I have multiple domains which are running after Spamassassin server.

I want to bypass one specific Spamassassin rule ie TextCat(Unwanted
Language) for one recipient domain.

Can someone please help me in achieving this requirement.

Regards,
Siddhesh

Re: DMARC_REJECT?

2019-11-16 Thread Henrik K 
On Sat, Nov 16, 2019 at 06:39:04PM +, David Jones wrote:
> 
> We should add default rules to the SA ruleset that would utilize 
> OpenDMARC headers if they were present similar to how SPF checks can use 
> Received-SPF and Authentication-Results headers on internal headers.
> 
> Any perl people out there want to take a shot at a DMARC plugin that 
> would use Authentication-Results nternal headers?
> 

We already have AuthRes plugin committed that does it:

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=6918

Feel free to contribute / test there.

Re: DMARC_REJECT?

2019-11-16 Thread David Jones 
On 11/16/19 12:19 AM, Dominic Raferd wrote:
> 
> 
> On Fri, 15 Nov 2019 at 21:17, Kevin A. McGrail  > wrote:
> 
> Good idea.  This is done.
> 
> On 11/15/2019 11:49 AM, David Jones wrote:
>  > Perhaps it needs to be named KAM_DMARC_REJECT to make it obvious
> that it
>  > came from the KAM.cf and have a default score of 0.001?
> 
> 
> I believe only the renaming has been done, the default score remains 10; 
> so anyone overriding the default score (that would be, er, me) needs to 
> update their local settings for the new name.

Yes the rename was the only thing done.  The default score should be 
0.001 in KAM.cf then local overrides and meta rules could be used to 
bump up the score as needed.

The only way to get complete/true DMARC support in SA is to install 
OpenDMARC as a milter and then setup local rules to use the headers it 
adds that are specific to the AuthservID value in the 
/etc/opendmarc/opendmarc.conf.

We should add default rules to the SA ruleset that would utilize 
OpenDMARC headers if they were present similar to how SPF checks can use 
Received-SPF and Authentication-Results headers on internal headers.

Any perl people out there want to take a shot at a DMARC plugin that 
would use Authentication-Results nternal headers?


Examples:

Authentication-Results: smtp.ena.net; dkim=none
Authentication-Results: smtp.ena.net; dmarc=pass (p=none dis=none) 
header.from=dmarc.org
Authentication-Results: smtp.ena.net;
  dkim=pass (1024-bit key) header.d=dmarc.org header.i=@dmarc.org
Authentication-Results: smtp.ena.net; spf=none (mailfrom)
Authentication-Results: smtp.ena.net;
  dkim=pass (2048-bit key) header.d=dmarc.org header.i=@dmarc.org
Authentication-Results: smtp.ena.net; spf=pass (mailfrom) 
smtp.mailfrom=ncas.us-cert.gov (client-ip=208.42.190.161; 
helo=mailer190161.service.govdelivery.com; 
envelope-from=messa...@ncas.us-cert.gov; receiver=b...@example.com)
Authentication-Results: smtp.ena.net; dmarc=pass (p=reject dis=none) 
header.from=ncas.us-cert.gov
Authentication-Results: smtp.ena.net;
  dkim=pass (2048-bit key) header.d=ncas.us-cert.gov 
header.i=@ncas.us-cert.gov

-- 
David Jones

Re: External whitelist_from and blacklist_from lists

2019-11-16 Thread Kevin A. McGrail 
Sure.  Add them to any .cf file.

On 11/16/2019 10:19 AM, Daryl Rose wrote:
> Can I have external whitelist_from and blacklist_from lists? 
> Currently they're in the users_prefs file and are growing.  I would
> prefer to have an external list and keep them out of the users_prefs
> file.
>
> Thanks
>
> Daryl

-- 
Kevin A. McGrail
kmcgr...@apache.org

Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171

Re: DMARC_REJECT?

2019-11-16 Thread Kevin A. McGrail 
Yeah, I'm going to lower it while we look into RW's suggestions about
the rule.

On 11/16/2019 1:19 AM, Dominic Raferd wrote:
>
>
> On Fri, 15 Nov 2019 at 21:17, Kevin A. McGrail  > wrote:
>
> Good idea.  This is done.
>
> On 11/15/2019 11:49 AM, David Jones wrote:
> > Perhaps it needs to be named KAM_DMARC_REJECT to make it obvious
> that it
> > came from the KAM.cf and have a default score of 0.001?
>
>
> I believe only the renaming has been done, the default score remains
> 10; so anyone overriding the default score (that would be, er, me)
> needs to update their local settings for the new name.

-- 
Kevin A. McGrail
kmcgr...@apache.org

Member, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project
https://www.linkedin.com/in/kmcgrail - 703.798.0171

External whitelist_from and blacklist_from lists

2019-11-16 Thread Daryl Rose 
Can I have external whitelist_from and blacklist_from lists?  Currently
they're in the users_prefs file and are growing.  I would prefer to have an
external list and keep them out of the users_prefs file.

Thanks

Daryl