mirror of
https://github.com/tomav/docker-mailserver.git
synced 2024-06-26 00:59:32 +02:00
b5b193ca4c
* move `policies_group.conf` to correct location I originally assumed the file had to be placed into `scores.d`, but I now know that `local.d` is actually correct. * add configuration for composite symbols See updates to #3690: Additional Rspamd Symbols Rspamd has so-called composite symbols that trigger when a condition is met. Especially AUTH_NA and AUTH_NA_OR_FAIL will adjust the scores of various lines in the table above. This needs to be taken into account. * update CHANGELOG
111 lines
3.5 KiB
Plaintext
111 lines
3.5 KiB
Plaintext
# Please refer to
|
|
# https://github.com/docker-mailserver/docker-mailserver/issues/3690
|
|
# for understanding this file and its scores' values.
|
|
#
|
|
# This configuration is not 100% compliant with RFC7489.
|
|
# This is intentional! Rspamd has additional symbols than those defined in this file.
|
|
# 100% compliance is not desirable as those symbols will change the overall spam score.
|
|
|
|
symbols = {
|
|
# SPF
|
|
"R_SPF_ALLOW" { # SPF check succeeded
|
|
weight = -1;
|
|
description = "SPF verification allows sending";
|
|
groups = ["spf"];
|
|
}
|
|
"R_SPF_NA" { # SPF is not available for this domain
|
|
weight = 1.5;
|
|
description = "Missing SPF record";
|
|
one_shot = true;
|
|
groups = ["spf"];
|
|
}
|
|
"R_SPF_NEUTRAL" { # same as R_SPF_NA
|
|
weight = 1.5;
|
|
description = "SPF policy is neutral";
|
|
groups = ["spf"];
|
|
}
|
|
"R_SPF_SOFTFAIL" { # there was a temporary DNS issue and SPF could not be checked
|
|
weight = 2.5;
|
|
description = "SPF verification soft-failed";
|
|
groups = ["spf"];
|
|
}
|
|
"R_SPF_DNSFAIL" { # same as R_SPF_SOFTFAIL
|
|
weight = 2.5;
|
|
description = "SPF DNS failure";
|
|
groups = ["spf"];
|
|
}
|
|
"R_SPF_FAIL" { # SPF check failed
|
|
weight = 4.5;
|
|
description = "SPF verification failed";
|
|
groups = ["spf"];
|
|
}
|
|
"R_SPF_PERMFAIL" { # same as R_SPF_FAIL
|
|
weight = 4.5;
|
|
description = "SPF record is malformed or persistent DNS error";
|
|
groups = ["spf"];
|
|
}
|
|
|
|
# DKIM
|
|
"R_DKIM_ALLOW" { # DKIM check succeeded
|
|
weight = -1;
|
|
description = "DKIM verification succeed";
|
|
one_shot = true;
|
|
groups = ["dkim"];
|
|
}
|
|
"R_DKIM_NA" { # DKIM is not available for this domain
|
|
weight = 1;
|
|
description = "Missing DKIM signature";
|
|
one_shot = true;
|
|
groups = ["dkim"];
|
|
}
|
|
"R_DKIM_TEMPFAIL" { # there was a temporary DNS issue and DKIM could not be checked
|
|
weight = 1.5;
|
|
description = "DKIM verification soft-failed";
|
|
groups = ["dkim"];
|
|
}
|
|
"R_DKIM_PERMFAIL" { # DKIM check failed
|
|
weight = 4.5;
|
|
description = "DKIM verification hard-failed (invalid)";
|
|
groups = ["dkim"];
|
|
}
|
|
|
|
"R_DKIM_REJECT" { # same as R_DKIM_PERMFAIL
|
|
weight = 4.5;
|
|
description = "DKIM verification failed";
|
|
one_shot = true;
|
|
groups = ["dkim"];
|
|
}
|
|
|
|
# DMARC
|
|
"DMARC_POLICY_ALLOW" { # DMARC check succeeded
|
|
weight = -1;
|
|
description = "DMARC permit policy";
|
|
groups = ["dmarc"];
|
|
}
|
|
"DMARC_POLICY_ALLOW_WITH_FAILURES" { # DMARC check succeeded but either SPF or DKIM was not successful
|
|
weight = 0;
|
|
description = "DMARC permit policy with DKIM/SPF failure";
|
|
groups = ["dmarc"];
|
|
}
|
|
"DMARC_NA" { # DMARC is not available for this domain
|
|
weight = 0.5;
|
|
description = "No DMARC record";
|
|
groups = ["dmarc"];
|
|
}
|
|
"DMARC_POLICY_SOFTFAIL" { # there was a temporary DNS issue and DMARC could not be checked
|
|
weight = 1.5;
|
|
description = "DMARC soft-failed";
|
|
groups = ["dmarc"];
|
|
}
|
|
"DMARC_POLICY_QUARANTINE" { # DMARC check failed and the policy is to quarantine
|
|
weight = 3;
|
|
description = "DMARC quarantine policy";
|
|
groups = ["dmarc"];
|
|
}
|
|
"DMARC_POLICY_REJECT" { # DMARC check failed and the policy is to reject
|
|
weight = 5.5;
|
|
description = "DMARC reject policy";
|
|
groups = ["dmarc"];
|
|
}
|
|
}
|