Enforcing inbound DKIM / DMARC
Posted: 31 Aug 2021 02:40
I want to run a fairly strict email filter for inbound email. I can get eFa to block incoming email with bad SPF records:
In /etc/mail/spamassassin/mailscanner.cf:
How can I achieve a similar outcome for DKIM and DMARC fails?
I want to:
a. block email with a faulty / forged DKIM signature
b. block unsigned email where there is a DMARC record with "reject" set
In /etc/mail/spamassassin/mailscanner.cf:
Code: Select all
score SPF_FAIL 7.00
score SPF_SOFTFAIL 4.50
score SPF_HELO_FAIL 7.00
score SPF_NEUTRAL 3.00
I want to:
a. block email with a faulty / forged DKIM signature
b. block unsigned email where there is a DMARC record with "reject" set