On 2/20/19 7:48 AM, Benny Pedersen wrote:
Dave Jones skrev den 2019-02-20 03:30:
Let's say example.com sent email from sendgrid.net and DMARC passes
(SPF_PASS and alignment with the envelope-from domain or
DKIM_PASS_AU). I would like to subtract a few points in this case
without having to list every domain in advance in a meta rule or
whitelist_auth entry.
or tell sendgrid to remove ip in there helo would maybe be a very good
move ?
in spamassassin it could be ignored so helo dynamic-ipaddr is not
hitted, i wonder how much sendgrid care of there own problem :(
i still note you put whitelist_auth in to spf plugin :(
if spf plugin is disabled, you disable dkim whitelist aswell ?, intended ?
1. I am not sure why anyone would disable the SPF plugin. There is no
reason not to under normal Internet edge mail filtering to turn off the
SPF plugin.
2. Do you know of a better way to do the whitelist_auth settings since
they are directly related to SPF and DKIM? I am open to better ideas.
I am only following what someone else started in the base rule files.
3. SA needs to have better DMARC support built-in but it might not be
possible without using OpenDMARC like we have to do today with some
local custom rules to read the OpenDMARC Authentication-Results header.
Dave
