Ensure we REJECT when we don't have a DMARC policy

This restores the old behaviour
2024-12-12 10:45:38 +02:00 · 2022-10-19 17:53:32 +02:00 · 2022-10-19 17:53:32 +02:00 · f7b3aad831
commit f7b3aad831
parent 0204c9e59d
2 changed files with 12 additions and 0 deletions
--- a/core/rspamd/conf/force_actions.conf
+++ b/core/rspamd/conf/force_actions.conf
@ -0,0 +1,7 @@
+rules {
+  WHITELIST_EXCEPTION {
+    action = "reject";
+    expression = "(AUTH_NA|BLACKLIST_ANTISPOOF) & IS_LOCAL_DOMAIN";
+    message = "Rejected (anti-spoofing)";
+  }
+}
--- a/core/rspamd/conf/multimap.conf
+++ b/core/rspamd/conf/multimap.conf
@ -0,0 +1,5 @@
+IS_LOCAL_DOMAIN {
+  type = "from";
+  filter = "email:domain";
+  map = "http://{{ ADMIN_ADDRESS }}/internal/rspamd/local_domains";
+}