>On 19 Apr 2021, at 11:30, Matus UHLAR - fantomas wrote:
>> I understand this as:
>>
>> if mail was received by internal relay unauthenticated, it's
>> external,
On 19.04.21 12:49, Bill Cole wrote:
>I cannot make SA behave that way.
On Mon, 19 Apr 2021 19:03:55 +0200
Matus UHLAR - fantomas wrote:
why not?
meta KAM_DMARC_REJECT __LAST_EXTERNAL_RELAY_NO_AUTH &&
!(DKIM_VALID_AU || SPF_PASS) && __KAM_DMARC_POLICY_REJECT
should avoid KAM_DMARC_REJECT if the mail was accepted authenticated
by internal relay from external one.
On 19.04.21 18:19, RW wrote:
__LAST_EXTERNAL_RELAY_NO_AUTH will hit if an email arrived in the
internal network from external-trusted.
that should be it, DKIM should be checked at internal network border, so it
should be checked even when receiving mail from trusted (but not internal)
hosts.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)
