Luis Daniel,

> I'd like to block this:
> 
> Jan 12 14:23:57 laposte amavis[27651]: (27651-06) dkim: FAILED
>  Author+Sender signature by i=dagui...@domain.com.mx, From:
>  <dagui...@domain.com.mx>, a=rsa-sha1, c=nofws, s=domain.com.mx,
> d=domain.com.mx, ORIG [10.200.0.1:41420], fail (
> message has been altered)
> 
> domain.com.mx is my local domain and this is a border antispam, no emails
> from domain.com.mx to domain.com.mx should go through this server.

Do you mean any incoming message bearing your domain in a From header
field and failing a signature verification, or this particular
combination where both the envelope sender and the author (From), as
well as the signing domain are your own domain?

> I'd like to give a +10 spam grade if DKIM failed, is this an amavisd task
> or should I configure SA DKIM verification rules to do this?

If your users never send mail to mailing lists, and you want to block
any mail without a valid signature with a given domain name in a From
header field, the cleanest and nicest solution is offered by SpamAssassin
3.3.0, just about to be released (-rc1 and -rc2 are out):

score DKIM_ADSP_CUSTOM_HIGH 10

adsp_override domain.com.mx  custom_high
adsp_override paypal.com
adsp_override *.paypal.com
adsp_override amazon.com  all
...

(see 60_adsp_override_dkim.cf and Mail::SpamAssassin::Plugin::DKIM man page)

If, however, some clobbered (header/footer/signatures/ads) messages are
expected back from mailing lists and bearing your domain in a From,
this is tougher to do well selectively. See a meta rule __VIA_ML
in 20_head_tests.cf and its use in 25_dkim.cf for some ideas
(referring to rules that come with SpamAssassin 3.3.0).

It would be possible to devise some selective filtering for special
needs through custom hooks in amavisd, although I don't think it is
worth the trouble - the SA rules are probably easier to understand
and work with.

Note that the combination of amavisd 2.6.3 or later, and SpamAssassin 3.3.0, 
allows SA to receive full information on DKIM validation from amavisd
(even for large messages which are truncated at $sa_mail_body_size_limit),
and avoids the need to redo the signature verification in its DKIM plugin
(see amavisd release notes).

  Mark
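
Before a 10-point score is attached to failed signatures on the local domain, the amavis log can show which "dkim: FAILED" entries such a rule would hit and which clients they come from. The script below is an added example, not part of the original message or of amavisd; its regular expression assumes only the field layout of the log line quoted above, and the sample log, the user addresses, example.net and 192.0.2.7 are constructed.

```python
import re
from collections import Counter

LOCAL_DOMAINS = {"domain.com.mx"}  # assumption: the local domain named in the thread

# Field layout copied from the amavis line quoted in the thread; nothing else is assumed.
DKIM_FAILED = re.compile(
    r"dkim: FAILED (?P<kind>\S+) signature by i=(?P<identity>[^,]*), "
    r"From: <(?P<author>[^>]*)>,.*?\bd=(?P<d>[^,\s]+), ORIG \[(?P<orig>[^\]]+)\]"
)

# Constructed sample log: addresses, example.net and 192.0.2.7 are made up.
SAMPLE_LOG = """\
Jan 12 14:23:57 laposte amavis[27651]: (27651-06) dkim: FAILED Author+Sender signature by i=user1@domain.com.mx, From: <user1@domain.com.mx>, a=rsa-sha1, c=nofws, s=domain.com.mx, d=domain.com.mx, ORIG [10.200.0.1:41420], fail (message has been altered)
Jan 12 14:24:03 laposte postfix/smtpd[1234]: connect from unknown[192.0.2.7]
Jan 12 14:24:05 laposte amavis[27652]: (27652-01) dkim: FAILED Author+Sender signature by i=list@example.net, From: <list@example.net>, a=rsa-sha1, c=nofws, s=mail, d=example.net, ORIG [192.0.2.7:25001], fail (message has been altered)
Jan 12 14:25:10 laposte amavis[27651]: (27651-07) dkim: FAILED Author+Sender signature by i=user2@domain.com.mx, From: <user2@Domain.com.mx>, a=rsa-sha1, c=nofws, s=domain.com.mx, d=domain.com.mx, ORIG [10.200.0.1:41433], fail (message has been altered)
""".splitlines()


def domain_of(address):
    """Return the lower-cased domain part of an e-mail address."""
    return address.rsplit("@", 1)[-1].strip().lower()


def dkim_failures(lines):
    """Yield (author_domain, signing_domain, client_ip) for each 'dkim: FAILED' line."""
    for line in lines:
        m = DKIM_FAILED.search(" ".join(line.split()))  # collapse stray whitespace
        if m:
            ip = m["orig"].rsplit(":", 1)[0]  # ORIG holds ip:port
            yield domain_of(m["author"]), m["d"].lower(), ip


def summarize(lines, local_domains=LOCAL_DOMAINS):
    """Count failures per (class, client_ip); 'own_domain' = From and d= both local."""
    counts = Counter()
    for author, signer, ip in dkim_failures(lines):
        own = author in local_domains and signer in local_domains
        key = ("own_domain" if own else "other", ip)
        counts[key] += 1
    return counts


if __name__ == "__main__":
    for (cls, ip), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{n:3d}  {cls:10s}  {ip}")
```

The "own_domain" rows are the messages an adsp_override entry for the local domain would score; a client address that dominates those rows is the first thing to check before enabling the rule.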
