Hi,
the scoring of SpamAssassin is somehow wrong.
From the the header
Authentication-Results: ...;
dkim=fail reason="signature verification failed" (2048-bit key;
unprotected) header.d=pt838.cc ...
But SpamAssassin gives a bonus:
DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001,
From the journal
Nov 11 17:14:01 mx1 opendkim[897]: 0013F600D4: no signing table match
for '[email protected]'
Nov 11 17:14:01 mx1 opendkim[897]: 0013F600D4: s=dkim d=pt838.cc
a=rsa-sha256 SSL error:02000068:rsa routines::bad signature
Nov 11 17:14:01 mx1 opendkim[897]: 0013F600D4: bad signature data
Quick solution:
header DKIM_FAIL_AR Authentication-Results =~
/\b[A-Za-z0-9]+\.example\.[A-Za-z]{2,3};\s*dkim=fail\b/i
describe DKIM_FAIL_AR DKIM failed according to our
Authentication-Results
score DKIM_FAIL_AR 2.0
Why the bonus and no DKIM_INVALID?
Best regards
Thomas B
