[opendmarc-users] Override Quarantine?

postfix at ptld.com postfix at ptld.com
Sat Jul 17 16:36:30 PDT 2021


> On 07-17-2021 7:00 pm, Benny Pedersen wrote:
> 
>>   postfix main.cf:
>>     milter_header_checks = pcre:/etc/postfix/header_checks_milter
>> 
>>   header_checks_milter:
>>     if /^Authentication-Results:/
>>     if / dmarc=fail /
>>     !/p=reject/     REJECT DMARC Failed and Local p=reject Policy 
>> Enforced
>>     endif
>>     endif
> 
> if that header is not done localy you make mistakes
> dont trust that header ever
> above miss the trust-id in AR header

In this situation it would not be an issue. It is not looking for the 
existence of a "passing" header. It is looking for a reject. Even if you 
included a forged header in your email saying dmarc passed, this filter 
will ignore it and still find the locally added header saying dmarc=fail 
and reject the email. Now if you want to forge a rejected header in your 
email to me, um okay go for it.


More information about the opendmarc-users mailing list