[opendmarc-users] Override Quarantine?
postfix at ptld.com
postfix at ptld.com
Sat Jul 17 16:36:30 PDT 2021
> On 07-17-2021 7:00 pm, Benny Pedersen wrote:
>
>> postfix main.cf:
>> milter_header_checks = pcre:/etc/postfix/header_checks_milter
>>
>> header_checks_milter:
>> if /^Authentication-Results:/
>> if / dmarc=fail /
>> !/p=reject/ REJECT DMARC Failed and Local p=reject Policy
>> Enforced
>> endif
>> endif
>
> if that header is not done localy you make mistakes
> dont trust that header ever
> above miss the trust-id in AR header
In this situation it would not be an issue. It is not looking for the
existence of a "passing" header. It is looking for a reject. Even if you
included a forged header in your email saying dmarc passed, this filter
will ignore it and still find the locally added header saying dmarc=fail
and reject the email. Now if you want to forge a rejected header in your
email to me, um okay go for it.
More information about the opendmarc-users
mailing list