Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

 
alt

Daniel Nashed

 

SpamGeek support for Domino 12.0.2 inbound SPF and DKIM

Daniel Nashed  13 November 2022 08:09:59


In Domino 12.0.2 Inbound SPF and DKIM is just a simple configuration option in the server configuration document.
The SPF check was already available in Domino 12.0.1 indicated by the Received_SPF item.

When Domino 12.0.2 ships this week, all existing SpamGeek versions can be configured to support a DKIM as well.

Beside the fields Received_SPF and DKIM_Signature there is a new item Authentication_Results.
The item is the standard header Authentication-Results to indicate SPF and DKIM results (see
https://www.rfc-editor.org/rfc/rfc7001 for details).

To check the new header, SpamGeek just needs new rule documents.
Because those new fields are not known by SpamGeek out of the box, the rule needs to run on the mail document instead of the log document.
I configured my server to copy the fields into the log document (configuration profile/optional) instead to also have them stored in SpamGeek log.

Enclosed are the new rules already waiting on my servers to work with the Domino 12.0.2 release version.
I added scores also for special cases to see verify the different cases. You might want to add your own weight to those formulas.



Field Name: Authentication_Results
Authentication_Results: notes.lab 1; spf=pass smtp.mailfrom=nsh@notes.lab (sender IP 1.2.3.4); dkim=pass header.s=09302021 header.d=notes.lab; dkim=pass header.s=ed10122021 header.d=notes.lab

In my example the sender uses a RSA and Ed25519 key. The authentication header will contain multiple results in this case.

-- Daniel


Spam
Geek for Domino - Rule Document
Name: Domino-SPF-Check
Description: Domino 12.0.2 SPF Status Check
Status: Enable
Category: SPF
Type: BlackList
Event: Accept
Score-Multiplier: 1
Formula: x:@Left (@Right (Authentication_Results; "spf=");" ");
@if (
x = ""; 21;
x = "pass"; -1;
x = "neutral";10;
x = "none"; 20;
x = "invalid"; 30;
x = "softfail"; 40;
x = "permerror"; 40;
x = "fail"; 90;
0)





Spam
Geek for Domino - Rule Document
Name: Domino-DKIM-Check
Description: Domino 12.0.2 DKIM Status Check
Status: Enable
Category: DKIM
Type: BlackList
Event: Accept
Score-Multiplier: 1
Formula: x:@Left (@Right (Authentication_Results; "dkim=");" ");
@if (
x = ""; 1;
x = "pass"; -2;
x = "neutral";-1;
x = "none"; 1;
x = "invalid"; 30;
x = "softfail"; 40;
x = "permerror"; 40;
x = "fail"; 90;
0)






Links

    Archives


    • [HCL Domino]
    • [Domino on Linux]
    • [Nash!Com]
    • [Daniel Nashed]