[Rspamd-Users] match null sender

Jesse Norell jesse at kci.net
Tue Oct 5 22:25:45 UTC 2021


  Does anyone have a tip for matching a null envelope sender?

  If useful, the full context in which I need it is a combined rule for
the multimap module, eg. in multimap.conf if I have:

  description "Spoof as local domain.";
  rules {
    local_smtp_from = {
      map = "$LOCAL_CONFDIR/local.d/maps.d/local_domains.inc";
      selector = "from('smtp'):domain";
    local_mime_from = {
      map = "$LOCAL_CONFDIR/local.d/maps.d/local_domains.inc";
      selector = "from('mime'):domain";
  expression = "local_mime_from & !local_smtp_from";
  score = 1.0;

This works to catch a random sender spoofing our domain in From:
header, but it also matches on a null sender, which could be part of
mail delivery notifications and such, so seems like that should be


Jesse Norell
Kentec Communications, Inc.
970-522-8107  -  www.kci.net

More information about the Users mailing list