proxmox-mirrors/proxmox-spamassassin
1
0
Fork 0
mirror of https://git.proxmox.com/git/proxmox-spamassassin synced 2025-04-28 12:19:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
master
proxmox-spamassassin/sa-updates/25_dkim.cf
Stoiko Ivanov 21dcadbf05 update SpamAssassin signatures 
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2023-03-23 17:52:57 +01:00

148 lines
5.6 KiB
CFEngine3
Raw Permalink Blame History

# SpamAssassin - DKIM rules
#
# Please don't modify this file as your changes will be overwritten with
# the next update. Use /etc/mail/spamassassin/local.cf instead.
# See 'perldoc Mail::SpamAssassin::Conf' for details.
#
# <@LICENSE>
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to you under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# </@LICENSE>
#
###########################################################################
# Requires the Mail::SpamAssassin::Plugin::DKIM plugin be loaded.
ifplugin Mail::SpamAssassin::Plugin::DKIM
# Note: DKIM_SIGNED, DKIM_VALID and DKIM_VALID_AU are mainly informational
# rules, and can serve as a basis for meta rules; it is not difficult for a
# sender to cause hits on them or to prevent them from firing, so their score
# should be kept low.
full DKIM_SIGNED eval:check_dkim_signed()
describe DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
tflags DKIM_SIGNED net
reuse DKIM_SIGNED
full DKIM_VALID eval:check_dkim_valid()
describe DKIM_VALID Message has at least one valid DKIM or DK signature
tflags DKIM_VALID net nice
reuse DKIM_VALID
meta DKIM_INVALID DKIM_SIGNED && !DKIM_VALID
describe DKIM_INVALID DKIM or DK signature exists, but is not valid
full DKIM_VALID_AU eval:check_dkim_valid_author_sig()
describe DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain
tflags DKIM_VALID_AU net nice
reuse DKIM_VALID_AU
if (version >= 3.004002)
full DKIM_VALID_EF eval:check_dkim_valid_envelopefrom()
describe DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain
tflags DKIM_VALID_EF net nice
reuse DKIM_VALID_EF
endif
full __DKIM_DEPENDABLE eval:check_dkim_dependable()
describe __DKIM_DEPENDABLE A validation failure not attributable to truncation
reuse __DKIM_DEPENDABLE
header DKIM_ADSP_NXDOMAIN eval:check_dkim_adsp('N')
describe DKIM_ADSP_NXDOMAIN No valid author signature and domain not in DNS
tflags DKIM_ADSP_NXDOMAIN net
reuse DKIM_ADSP_NXDOMAIN
header DKIM_ADSP_DISCARD eval:check_dkim_adsp('D')
describe DKIM_ADSP_DISCARD No valid author signature, domain signs all mail and suggests discarding the rest
tflags DKIM_ADSP_DISCARD net
reuse DKIM_ADSP_DISCARD
header DKIM_ADSP_ALL eval:check_dkim_adsp('A')
describe DKIM_ADSP_ALL No valid author signature, domain signs all mail
tflags DKIM_ADSP_ALL net
reuse DKIM_ADSP_ALL
header DKIM_ADSP_CUSTOM_LOW eval:check_dkim_adsp('1')
describe DKIM_ADSP_CUSTOM_LOW No valid author signature, adsp_override is CUSTOM_LOW
tflags DKIM_ADSP_CUSTOM_LOW net userconf
reuse DKIM_ADSP_CUSTOM_LOW
header DKIM_ADSP_CUSTOM_MED eval:check_dkim_adsp('2')
describe DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is CUSTOM_MED
tflags DKIM_ADSP_CUSTOM_MED net userconf
reuse DKIM_ADSP_CUSTOM_MED
header DKIM_ADSP_CUSTOM_HIGH eval:check_dkim_adsp('3')
describe DKIM_ADSP_CUSTOM_HIGH No valid author signature, adsp_override is CUSTOM_HIGH
tflags DKIM_ADSP_CUSTOM_HIGH net userconf
reuse DKIM_ADSP_CUSTOM_HIGH
full __RESIGNER1 eval:check_dkim_valid('linkedin.com')
tflags __RESIGNER1 net
reuse __RESIGNER1
full __RESIGNER2 eval:check_dkim_valid('googlegroups.com','yahoogroups.com','yahoogroups.de')
tflags __RESIGNER2 net
reuse __RESIGNER2
meta __VIA_RESIGNER __RESIGNER1 || __RESIGNER2
describe __VIA_RESIGNER Mail through a popular signing remailer
meta NML_ADSP_CUSTOM_LOW DKIM_ADSP_CUSTOM_LOW && !__VIA_ML && !__VIA_RESIGNER
describe NML_ADSP_CUSTOM_LOW ADSP custom_low hit, and not from a mailing list
meta NML_ADSP_CUSTOM_MED DKIM_ADSP_CUSTOM_MED && !__VIA_ML && !__VIA_RESIGNER
describe NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list
meta NML_ADSP_CUSTOM_HIGH DKIM_ADSP_CUSTOM_HIGH && !__VIA_ML && !__VIA_RESIGNER
describe NML_ADSP_CUSTOM_HIGH ADSP custom_high hit, and not from a mailing list
if can(Mail::SpamAssassin::Plugin::DKIM::has_arc)
full ARC_SIGNED eval:check_arc_signed()
describe ARC_SIGNED Message has a ARC signature
tflags ARC_SIGNED net
reuse ARC_SIGNED
full ARC_VALID eval:check_arc_valid()
describe ARC_VALID Message has a valid ARC signature
tflags ARC_VALID net nice
reuse ARC_VALID
meta ARC_INVALID ARC_SIGNED && !ARC_VALID
describe ARC_INVALID ARC signature exists, but is not valid
endif
#
# old, declared for compatibility with pre-3.3, should have scores 0
#
full DKIM_VERIFIED eval:check_dkim_valid()
tflags DKIM_VERIFIED net nice
reuse DKIM_VERIFIED
header DKIM_POLICY_TESTING eval:check_dkim_testing()
tflags DKIM_POLICY_TESTING net nice
reuse DKIM_POLICY_TESTING
header DKIM_POLICY_SIGNSOME eval:check_dkim_signsome()
tflags DKIM_POLICY_SIGNSOME net nice
reuse DKIM_POLICY_SIGNSOME
header DKIM_POLICY_SIGNALL eval:check_dkim_signall()
tflags DKIM_POLICY_SIGNALL net nice
reuse DKIM_POLICY_SIGNALL
endif # Mail::SpamAssassin::Plugin::DKIM
Reference in New Issue View Git Blame Copy Permalink