GNU/Linux man pages
Livre :
Expressions régulières,
Syntaxe et mise en oeuvre :
GNU/Linux |
CentOS 5.1 |
|
 |
Mail::SpamAssassin::Plugin::DomainKeys(3pm) |
 |
Mail::SpamAssassin::Plugin::DomainKeys − perform DomainKeys verification tests
loadplugin Mail::SpamAssassin::Plugin::DomainKeys [/path/to/DomainKeys.pm]
Signature:
header DK_SIGNED
eval:check_domainkeys_signed()
header DK_VERIFIED
eval:check_domainkeys_verified()
Policy:
Note that DK policy record is only fetched if
DK_VERIFIED is false
to save signing domain from unnecessary DNS
queries,
as recommended ( SHOULD ) by
draft−delany−domainkeys−base.
Rules DK_POLICY_* should preferably not be relied upon when
DK_VERIFIED
is true, although they will return false in current
implementation
when a policy record is not fetched, except for
DK_POLICY_TESTING ,
which is true if t=y appears in a public key record
OR in a policy
record (when available).
header DK_POLICY_TESTING
eval:check_domainkeys_testing()
header DK_POLICY_SIGNSOME
eval:check_domainkeys_signsome()
header DK_POLICY_SIGNALL
eval:check_domainkeys_signall()
Whitelisting
based on verified signature:
header USER_IN_DK_WHITELIST
eval:check_for_dk_whitelist_from()
header USER_IN_DEF_DK_WL
eval:check_for_def_dk_whitelist_from()
This is the DomainKeys plugin and it needs lots more documentation.
domainkeys_timeout n (default: 5)
How many seconds to wait for a DomainKeys query to complete, before scanning continues without the DomainKeys result.
whitelist_from_dk add@ress.com [signing domain name]
Use this to supplement the whitelist_from addresses with a check to make sure the message has been signed by a DomainKeys signature that can be verified against the From: domain’s DomainKeys public key.
In order to support signing domain names that differ from the address domain name, only one whitelist entry is allowed per line, exactly like "whitelist_from_rcvd". Multiple "whitelist_from_dk" lines are allowed. File-glob style meta characters are allowed for the From: address, just like with "whitelist_from_rcvd". The optional signing domain name parameter must match from the right-most side, also like in "whitelist_from_rcvd".
If no signing domain name parameter is specified the domain of the address parameter specified will be used instead.
The From: address is obtained from a signed part of the message (ie. the "From:" header), not from envelope data that is possible to forge.
Since this whitelist requires a DomainKeys check to be made, network tests must be enabled.
Examples:
whitelist_from_dk joe@example.com whitelist_from_dk *@corp.example.com whitelist_from_dk bob@it.example.net example.net whitelist_from_dk *@eng.example.net example.net
def_whitelist_from_dk add@ress.com [signing domain name]
Same as "whitelist_from_dk", but used for the default whitelist entries in the SpamAssassin distribution. The whitelist score is lower, because these are often targets for spammer spoofing.
|
Mail::SpamAssassin::Plugin::DomainKeys(3pm) | |