On 12/02/18 18:17, AC via Exim-users wrote: > I'm receiving a fair amount of spam that is coming through Microsoft's > Office 365 service (spammers signing up for the one month free trial of > Office 365). This provides them a DKIM siguature that is valid and has > a customized subdomain of onmicrosoft.com. The email itself has a > sender domain that may be entirely different and will likely change. > > What I'd like to do is set up an ACL that checks the DKIM signature and > rejects it if the domain is anything ending with onmicrosoft.com. > > I tried using a deny rule in my DKIM ACL that looked at the dkim_signers > but I got the implementation wrong because it rejected anything that had > a DKIM validation in it no matter the domain. > > deny message = DKIM from unwanted domain > dkim_signers = *.onmicrosoft.com > > How would I accomplish what I want if it's even possible?
Pull the header lines out with right header name, extract the d= field, regex-match? -- Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
