Hello Matthias, that works! Thanks a lot!
In my SuSE Linux I put the rules MY_FROM and MY_FROM_WITHOUT_DKIM in /etc/mail/spamassassin/local.cf: To avoid to check the originating mails which don't have a DKIM Signature at this point I bypass spam check in amavisd.conf with: $policy_bank{'MYNETS'} = { ... bypass_spam_checks_maps => [1] }; $policy_bank{'ORIGINATING'} = { ... bypass_spam_checks_maps => [1] }; I think this could be done better. Is it possible to bypass DKIM-checking for originating mails in spamassassin instead of bypassing the spam check at all for such mails? Now amavis-new quaratine positive mails to /var/spool/amavis/virusmails and also delivers them. How can I manage to discard them instead or to do somthing else? (I'm a beginner with amavis ;) Is there any notification-/cleaning-tool in amavis to manage the quaratine files? Best regards Gerhard >>> Matthias Weigel <matthias.wei...@maweos.de> schrieb am Mittwoch, 13. Januar 2016 um 18:47 in Nachricht <56968da6.2050...@maweos.de>: > Hello Gerhard, > > you could try a custom spamassassin rule. > > These rules go into ~amavis/.spamassassin/user_prefs > > There are already some SPF/DKIM rules in spamassassin. See file > 25_spf.cf or 25_dkim.cf of spamassassin. > > # Then you create a rule to identify your domain: > header MY_FROM From =~ /example.com/i > describe MY_FROM Sender is from example.com > > # Now you create a rule to combine them: > meta MY_FROM_WITHOUT_SPF MY_FROM && (SPF_NONE || SPF_FAIL) > describe MY_FROM_WITHOUT_SPF Sender is from my domain, but has no SPF > score MY_FROM_WITHOUT_SPF 9 > > # or: > meta MY_FROM_WITHOUT_DKIM MY_FROM && !DKIM_VALID > describe MY_FROM_WITHOUT_DKIM Sender is from my domain, but has no DKIM > score MY_FROM_WITHOUT_DKIM 9 > > The high score tells amavis to quarantine such mails. > > Please check, if the above criteria are really useful for you. Have a > look in /usr/share/spamassassin/ . Maybe some other criteria is more > apropriate? > > Test before using this in production. See "debug-sa" parameter to amavis. > > Best Regards > > Matthias > > > > Am 13.01.2016 um 17:19 schrieb Gerhard Rappenecker: >> Hello all, >> >> thanks a lot for all answers. >> >> It seems I have to use SPF or DMARC to get what I want. Unfortunately these > components are not integrated in the SuSE Linux software distribution. I'd > like to use only the onboard resources postfix, amavis-new with DCIM, > spamassassin because of automatic updating. >> >> Is there actually no way in amavis (or spamassassin) to reject/quaratine > mails from a specific sender with no or an invalid DKIM signatur? >> Is there any way to reject those mails in postfix after amavis DKIM > verifying? >> >> I've allready tried to check the headers in postfix for DKIMs > "Authentication-Results", but "header_checks" take place before the DKIM > verification and "smtp_header_checks" do not allow to cutoff the mail > delivery. >> >> Hope anyone can help me >> >> best regards >> Gerhard >> >> >>>>> Maurizio Marini <mau...@datalogica.com> schrieb am Mittwoch, 13. Januar >>>>> 2016 > um >> 12:27 in Nachricht <20160113122726.221e5099.mau...@datalogica.com>: >>> On Wed, 13 Jan 2016 12:01:52 +0100 >>> "Gerhard Rappenecker" <g.rappenec...@hs-offenburg.de> wrote: >>> >>>> My intention is, to reject mail from outside with a faked sender adress >>>> of our own domain. In the past we were attacked by such mails to our >>>> mailinglists. >>> Hello Gerhard >>> I use spf with -all instead of ~all to do exactly what you want. >>> I do not received anymore spam with my domain in from address >>> I mean: @datalogica.com >>> -m >> >> >>