Inicio Explorar Axuda
Iniciar sesión
mirrors
/
mailcow-dockerized
réplica de https://github.com/mailcow/mailcow-dockerized
2
0
Fork 0
Ficheiros Incidencias 0 Wiki
Explorar o código

[Rspamd] Exclude DMARC_POLICY_SOFTFAIL from SPOOFED_UNAUTH

andryyy %!s(int64=4) %!d(string=hai) anos
pai
4a355f242f
achega
399951509e
Modificáronse 1 ficheiros con 2 adicións e 1 borrados
Unificar vista Mostrar estatísticas de Diff
  1. 2 1
      data/conf/rspamd/local.d/composites.conf

+ 2 - 1
data/conf/rspamd/local.d/composites.conf
Ver ficheiro 

@@ -12,8 +12,9 @@ SOGO_CONTACT_EXCLUDE {
 
   expression = "(-WHITELISTED_FWD_HOST | -g+:policies) & ^SOGO_CONTACT & !DMARC_POLICY_ALLOW";
 
   expression = "(-WHITELISTED_FWD_HOST | -g+:policies) & ^SOGO_CONTACT & !DMARC_POLICY_ALLOW";
 
 }
 
 }
 
 # Spoofed header from and broken policy (excluding sieve host, rspamd host, whitelisted senders, authenticated senders and forward hosts)
 
 # Spoofed header from and broken policy (excluding sieve host, rspamd host, whitelisted senders, authenticated senders and forward hosts)
 
+# DMARC_POLICY_SOFTFAIL indicates a "none" policy, which we don't want to punish
 
 SPOOFED_UNAUTH {
 
 SPOOFED_UNAUTH {
 
-  expression = "!MAILCOW_AUTH & !MAILCOW_WHITE & !RSPAMD_HOST & !SIEVE_HOST & MAILCOW_DOMAIN_HEADER_FROM & !WHITELISTED_FWD_HOST & -g+:policies";
 
+  expression = "!MAILCOW_AUTH & !MAILCOW_WHITE & !RSPAMD_HOST & !SIEVE_HOST & MAILCOW_DOMAIN_HEADER_FROM & !WHITELISTED_FWD_HOST & -g+:policies & !DMARC_POLICY_SOFTFAIL";
 
   score = 50.0;
 
   score = 50.0;
 
 }
 
 }
 
 # Only apply to inbound unauthed and not whitelisted
 
 # Only apply to inbound unauthed and not whitelisted