amavis-dkim: How to discard mail with no or invalid signature

A. Schulze sca at
Tue Jan 12 17:59:07 CET 2016

Am 12.01.2016 um 15:03 schrieb Gerhard Rappenecker:
> I'd like to discard, reject or quarantine mails from a specific domain, but only if they have no or no valid DKIM signature.

it's your policy but usually it's wrong to reject on no or no valid DKIM signature ¹)
You want DMARC but DMARC validation is not implemented in amavisd-new

we run a pipeline of milters here:
  - smf-spf milter for SPF validation
  - opendkim for DKIM validation
  - opendmarc to inspect SPF+DKIM result and apply a policy
  - amavisd-milter for content inspection


    ... a Verifier SHOULD NOT treat a message that has one or more
    bad signatures and no good signatures differently from a message with
    no signature at all.

More information about the amavis-users mailing list