[Rspamd-Users] Multimap authenticated nflag matches despite being authenticated
Gerald Galster
list+rspamd at gcore.biz
Sat Nov 23 06:02:51 UTC 2024
> looking really close at the documentation again, I might've misunderstood the configuration and those flags only apply to type "received".
>
> I've changed the rule to:
>
> BAD_HOSTNAMES {
> type = "received";
> filter = "real_hostname";
> map = "${CONFDIR}/custom/badhostnames.map";
> regexp = true;
> score = 4.0;
> nflags = ["authenticated"];
> }
>
> This should do, I hope.
Another approach would be to set a symbol like HAS_SASL_AUTH in local.d/settings.conf for sasl authenticated users:
https://github.com/rspamd/rspamd/discussions/4083
Then you can create a new symbol via local.d/composites.conf and set a score:
BAD_HOSTNAMES_NO_AUTH {
expression = "BAD_HOSTNAMES AND NOT HAS_SASL_AUTH";
score = 4.0;
}
https://rspamd.com/doc/configuration/composites.html
Best regards,
Gerald
More information about the Users
mailing list