However, a message must be correctly DKIM signed to get some more
negative weight in case an received IP is listed with medium or
high trust at DNSWL.
This supersedes a first patch without the DKIM condition.
}
RCVD_UNAUTH_PBL {
expression = "RECEIVED_PBL & -RCVD_VIA_SMTP_AUTH";
- description = "Relayed through ZEN PBL IP without sufficient authentication";
+ description = "Relayed through ZEN PBL IP without sufficient authentication (possible indicating an open relay)";
score = 2.0;
- policy = "leave";
+ }
+ RCVD_DKIM_DNSWL_MED {
+ expression = "R_DKIM_ALLOW & RCVD_IN_DNSWL_MED";
+ description = "Sufficiently DKIM signed and received from IP with medium trust at DNSWL";
+ score = -1.5;
+ }
+ RCVD_DKIM_DNSWL_HI {
+ expression = "R_DKIM_ALLOW & RCVD_IN_DNSWL_HI";
+ description = "Sufficiently DKIM signed and received from IP with high trust at DNSWL";
+ score = -3.5;
}
.include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/composites.conf"
description = "Sender listed at https://www.dnswl.org, no trust";
}
"RCVD_IN_DNSWL_LOW" {
- weight = 0.0;
+ weight = -0.5;
description = "Sender listed at https://www.dnswl.org, low trust";
}
"RCVD_IN_DNSWL_MED" {
- weight = 0.0;
+ weight = -0.5;
description = "Sender listed at https://www.dnswl.org, medium trust";
}
"RCVD_IN_DNSWL_HI" {
- weight = 0.0;
+ weight = -0.5;
description = "Sender listed at https://www.dnswl.org, high trust";
}
projects / thirdparty / rspamd.git / commitdiff
