DKIM domainkeys=fail (1024-bit key) reason="fail (message has been altered)"
I am sure this has been done to death but I would like to ban emails that show "domainkeys=fail (1024-bit key) reason="fail (message has been altered)" " any ideas please I have tried regex but i admit i am a novice i added header DKIM_FAIL ALL =~ /domainkeys=fail (1024-bit key)/i score DKIM_FAIL 4 can a guru help please -- View this message in context: http://spamassassin.1065346.n5.nabble.com/DKIM-domainkeys-fail-1024-bit-key-reason-fail-message-has-been-altered-tp122324.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: DKIM domainkeys=fail (1024-bit key) reason="fail (message has been altered)"
On 8/26/2016 11:34 AM, widowsoft wrote: I am sure this has been done to death but I would like to ban emails that show "domainkeys=fail (1024-bit key) reason="fail (message has been altered)"" any ideas please I have tried regex but i admit i am a novice i added header DKIM_FAIL ALL =~ /domainkeys=fail (1024-bit key)/i score DKIM_FAIL 4 can a guru help please Might be an escaping issue. Parenthesis are special in Perl regexes. Try this: header DKIM_FAIL ALL =~ /domainkeys=fail \(1024-bit key\)/i -- Bowie
Re: DKIM domainkeys=fail (1024-bit key) reason="fail (message has been altered)"
On Fri, Aug 26, 2016, at 08:39, Bowie Bailey wrote: > On 8/26/2016 11:34 AM, widowsoft wrote: > > I am sure this has been done to death but I would like to ban emails that > > show > > "domainkeys=fail (1024-bit key) reason="fail (message has been altered)"" > > > > any ideas please I have tried regex but i admit i am a novice > > i added > > header DKIM_FAIL ALL =~ /domainkeys=fail (1024-bit key)/i > > score DKIM_FAIL 4 > > > > can a guru help please > > Might be an escaping issue. Parenthesis are special in Perl regexes. > > Try this: > header DKIM_FAIL ALL =~ /domainkeys=fail \(1024-bit key\)/i Note that taking negative action is explicitly prohibited by DKIM, and as a result there are valid, standards compliant configurations that will return this DKIM report. (I'm not saying don't do it, it's your server, you make the rules, but this isn't as foolproof as one might naively expect).