mirror of
https://github.com/chatmail/relay.git
synced 2026-05-15 02:14:36 +00:00
31 lines
1.1 KiB
Plaintext
31 lines
1.1 KiB
Plaintext
rules {
|
|
REJECT_DKIM_SPF {
|
|
action = "reject";
|
|
# Reject if
|
|
# - R_DKIM_RJECT: DKIM reject inserted by `dkim` module.
|
|
# - R_DKIM_PERMFAIL: permanent failure inserted by `dkim` module e.g. no DKIM DNS record found.
|
|
# - No DKIM signing (R_DKIM_NA symbol inserted by `dkim` module)
|
|
#
|
|
# - SPF failure (R_SPF_FAIL)
|
|
# - SPF permanent failure, e.g. failed to resolve DNS record referenced from SPF (R_SPF_PERMFAIL)
|
|
#
|
|
# - DMARC policy failure (DMARC_POLICY_REJECT)
|
|
#
|
|
# Do not reject if:
|
|
# - R_DKIM_TEMPFAIL, it is a DNS resolution failure
|
|
# and we do not want to lose messages because of faulty network.
|
|
#
|
|
# - R_SPF_SOFTFAIL
|
|
# - R_SPF_NEUTRAL
|
|
# - R_SPF_DNSFAIL
|
|
# - R_SPF_NA
|
|
#
|
|
# - DMARC_DNSFAIL
|
|
# - DMARC_NA
|
|
# - DMARC_POLICY_SOFTFAIL
|
|
# - DMARC_POLICY_QUARANTINE
|
|
# - DMARC_BAD_POLICY
|
|
expression = "R_DKIM_REJECT | R_DKIM_PERMFAIL | R_DKIM_NA | R_SPF_FAIL | R_SPF_PERMFAIL | DMARC_POLICY_REJECT";
|
|
}
|
|
}
|