vstakhov
commented
8 years ago SPF support now lives in Rspamd and it has been removed from Rmilter couple of years ago.
Closed madorin closed 7 years ago
vstakhov
commented
8 years ago SPF support now lives in Rspamd and it has been removed from Rmilter couple of years ago.
moisseev
commented
8 years ago @madorin The simplest approach is just to increase the symbol score in Rspamd configuration. local.d/metrics.conf:
group "spf" {
symbol "R_SPF_FAIL" {
weight = 8.0;
description = "SPF verification failed";
}
}
xpunkt
commented
8 years ago and score on spf fail is still low in rspamd
thanks moisseev
same could be done with dkim and dmarc testing imho on fails
but note since so many braindead maillist managers break dkim its with false rejects so, to avoid this make sure you whitelist maillist domains first before turning on
madorin
commented
8 years ago Thanks for quick response!
fatalbanana
commented
8 years ago One can create rules in rspamd to force rejection on whatever symbols (+ other conditions) they want (DMARC module, among others has built-in support for such; multimap being the most generally useful)
For example, add to /etc/rspamd/lua/rspamd.local.lua:
local myfunc = function(task)
if task:has_symbol('R_SPF_REJECT') then
task:set_pre_result('reject', 'I rejected it')
end
end
local id = rspamd_config:register_symbol('MY_REJECT', 1.0, myfunc)
rspamd_config:register_dependency(id, 'R_SPF_REJECT')It is also possible to use rspamd to test SPF without message data but I believe rmilter does not support that.
vstakhov
commented
8 years ago It does not support it just because nobody asked me to add this support :)
Did not found related to this on rmilter website page nor any samples in configuration files.
Is there a way to reject SPF check failed messages? or to add a header for soft-failed, for later moving in Junk folder by Dovecot?
Thanks!