[opendmarc-users] Enforcing p=REJECT
Steve Siirila
sfs at umn.edu
Thu Mar 12 06:39:27 PDT 2020
Thanks Juri, much appreciated! That's the behavior we were looking for.
On Thu, Mar 12, 2020 at 3:30 AM Juri Haberland <juri at sapienti-sat.org>
wrote:
> On 2020-03-12 05:04, Steve Siirila wrote:
> > Has anyone turned on RejectFailures in their opendmarc milter
> > configuration? I have a couple of questions:
>
> Yes, of course.
>
> > 1. Does this conditionally reject based on the sender domain's DMARC
> > policy?
> > 2. If #1 is true, is there a way to distinguish between p=REJECT and
> > p=QUARANTINE modes?
> >
> > What we are looking for is a way to have our MTA reject only for
> > senders
> > whose DMARC policy is REJECT and who fail DMARC. For p=NONE and
> > p=QUARANTINE we want to pass email through. Is anyone currently doing
> > this
> > or have any suggestions?
>
> OpenDMARC will reject if the sender's domain has p=reject. On
> p=quarantine it will depend on you MTA: Postfix will put those messages
> on hold and you have to release (or delete) them manually. As this is
> not ideal, there is a patch that will add an option to OpenDMARC to let
> those messages pass.
>
> I'll attach it.
>
> Cheers,
> Juri_______________________________________________
> opendmarc-users mailing list
> opendmarc-users at trusteddomain.org
> http://www.trusteddomain.org/mailman/listinfo/opendmarc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20200312/a482623b/attachment-0001.htm>
More information about the opendmarc-users
mailing list