mirror/docker-mailserver
1
1
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver synced 2025-04-21 01:08:02 +02:00
Code Issues
docs/smtp-bind-fix-snippet-titles
docker-mailserver/target/rspamd/local.d/policies_group.conf
Georg Lauterbach b5b193ca4c
Rspamd: minor tweaks and follow-up for SPF, DKIM and DMARC symbols (#3923) 
* move `policies_group.conf` to correct location

I originally assumed the file had to be placed into `scores.d`, but I
now know that `local.d` is actually correct.

* add configuration for composite symbols

See updates to #3690:

Additional Rspamd Symbols

Rspamd has so-called composite symbols that trigger when a condition
is met. Especially AUTH_NA and AUTH_NA_OR_FAIL will adjust the scores
of various lines in the table above. This needs to be taken into account.

* update CHANGELOG
2024-03-05 10:48:49 +01:00

111 lines
3.5 KiB
Plaintext
Raw Permalink Blame History

# Please refer to
# https://github.com/docker-mailserver/docker-mailserver/issues/3690
# for understanding this file and its scores' values.
#
# This configuration is not 100% compliant with RFC7489.
# This is intentional! Rspamd has additional symbols than those defined in this file.
# 100% compliance is not desirable as those symbols will change the overall spam score.
symbols = {
# SPF
"R_SPF_ALLOW" { # SPF check succeeded
weight = -1;
description = "SPF verification allows sending";
groups = ["spf"];
}
"R_SPF_NA" { # SPF is not available for this domain
weight = 1.5;
description = "Missing SPF record";
one_shot = true;
groups = ["spf"];
}
"R_SPF_NEUTRAL" { # same as R_SPF_NA
weight = 1.5;
description = "SPF policy is neutral";
groups = ["spf"];
}
"R_SPF_SOFTFAIL" { # there was a temporary DNS issue and SPF could not be checked
weight = 2.5;
description = "SPF verification soft-failed";
groups = ["spf"];
}
"R_SPF_DNSFAIL" { # same as R_SPF_SOFTFAIL
weight = 2.5;
description = "SPF DNS failure";
groups = ["spf"];
}
"R_SPF_FAIL" { # SPF check failed
weight = 4.5;
description = "SPF verification failed";
groups = ["spf"];
}
"R_SPF_PERMFAIL" { # same as R_SPF_FAIL
weight = 4.5;
description = "SPF record is malformed or persistent DNS error";
groups = ["spf"];
}
# DKIM
"R_DKIM_ALLOW" { # DKIM check succeeded
weight = -1;
description = "DKIM verification succeed";
one_shot = true;
groups = ["dkim"];
}
"R_DKIM_NA" { # DKIM is not available for this domain
weight = 1;
description = "Missing DKIM signature";
one_shot = true;
groups = ["dkim"];
}
"R_DKIM_TEMPFAIL" { # there was a temporary DNS issue and DKIM could not be checked
weight = 1.5;
description = "DKIM verification soft-failed";
groups = ["dkim"];
}
"R_DKIM_PERMFAIL" { # DKIM check failed
weight = 4.5;
description = "DKIM verification hard-failed (invalid)";
groups = ["dkim"];
}
"R_DKIM_REJECT" { # same as R_DKIM_PERMFAIL
weight = 4.5;
description = "DKIM verification failed";
one_shot = true;
groups = ["dkim"];
}
# DMARC
"DMARC_POLICY_ALLOW" { # DMARC check succeeded
weight = -1;
description = "DMARC permit policy";
groups = ["dmarc"];
}
"DMARC_POLICY_ALLOW_WITH_FAILURES" { # DMARC check succeeded but either SPF or DKIM was not successful
weight = 0;
description = "DMARC permit policy with DKIM/SPF failure";
groups = ["dmarc"];
}
"DMARC_NA" { # DMARC is not available for this domain
weight = 0.5;
description = "No DMARC record";
groups = ["dmarc"];
}
"DMARC_POLICY_SOFTFAIL" { # there was a temporary DNS issue and DMARC could not be checked
weight = 1.5;
description = "DMARC soft-failed";
groups = ["dmarc"];
}
"DMARC_POLICY_QUARANTINE" { # DMARC check failed and the policy is to quarantine
weight = 3;
description = "DMARC quarantine policy";
groups = ["dmarc"];
}
"DMARC_POLICY_REJECT" { # DMARC check failed and the policy is to reject
weight = 5.5;
description = "DMARC reject policy";
groups = ["dmarc"];
}
}
View Git Blame Copy Permalink