[Rspamd-Users] Peer has wrong DMARC policy. How to override in order to ACCEPT mail ?
Andrew Lewis
rspamd-users at judo.za.org
Wed Oct 15 14:51:48 UTC 2025
Hi Håkon,
On Wed, 2025-10-15 at 16:10 +0200, Håkon Alstadheim via Users wrote:
> My ISP is on occasion sending me system emails (NDNs) from their
> internal hosts that are not covered by ther spf and DKIM records. I
> *want* those status messages. The sending host is below a "protected"
> (for want of a better word) domain: altibox.no. What is the cleanest
> way to do this? Mail headers in the NDN are:
Increasing scoring for DMARC failures mightn't be a generally good idea
(forcing rejection is a worse still idea). You might rather use
`whitelist` module to increase penalties for failed DMARC checks where
it's safe to do.
Alternatively, we might disable DMARC for domains where it causes
trouble. We can do that by adding a `condition`. `settings` module is
another way to do it but I think it's less favourable for a scenario
such as this one. Another approach is to use `composites` and user-
defined rules, probably in the form of `multimap`.
```
-- /etc/rspamd/lua.local.d/conditions.lua
rspamd_config:add_condition('DMARC_CHECK', function(task)
local hfrom = task:get_from('mime')
if not (hfrom and hfrom[1]) then return true end
if hfrom[1].domain == 'altibox.no' then return false end
return true
end)
```
https://docs.rspamd.com/configuration/settings/
https://docs.rspamd.com/configuration/composites/
https://docs.rspamd.com/modules/multimap/
Best,
-AL.
More information about the Users
mailing list