Simon Wilson via users skrev den 2024-07-03 14:56: > Do I also need to disable the normal SA DKIM plugin evaluation, i.e. > trusting my upstream authres_trusted_authserv only?
both works in paralel, so no need to disable, best results came from both enabled its up to you to add more authres_trusted_authserv or more authres_ignored_authserv lines possible we can now have a very long debate on dmarc plugin ? :) my question is does spamassassin dmarc plugin use authres results ? - SA's DKIM plugin has failed a message so USER_IN_DKIM_WHITELIST tag will not get assigned, and a +0.1 is added for a DKIM fail - with AuthRes plugin installed, my trusted Authentication-Results header ‘DKIM pass’ = -0.5 is applied - yes, the -0.5 overrides the +0.1 from the false DKIM fail, but this does not overcome the reason I wanted the sender in whitelist_auth - to overcome the FP of their emails triggering a KAM rule Ideally what I want is for authres.cf to combine: header AUTHRES_DKIM_PASS eval:check_authres_result('dkim', 'pass') with header USER_IN_DKIM_WHITELIST eval:check_for_dkim_whitelist_from() and generate -100 that the DKIM plugin assigns to a DKIM pass/USER_IN_DKIM_WHITELIST entry. …but I don't know how to do that properly. I can combine into a meta rule, but that will call the existing DKIM plugin's subroutine to evaulate USER_IN_DKIM_WHITELIST, and I'm not sure if that will work.