Re: [exim] Filtering DKIM domains

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Filtering DKIM domains
On 12/02/18 18:17, AC via Exim-users wrote:
> I'm receiving a fair amount of spam that is coming through Microsoft's
> Office 365 service (spammers signing up for the one month free trial of
> Office 365).  This provides them a DKIM siguature that is valid and has
> a customized subdomain of onmicrosoft.com.    The email itself has a
> sender domain that may be entirely different and will likely change.

>
> What I'd like to do is set up an ACL that checks the DKIM signature and
> rejects it if the domain is anything ending with onmicrosoft.com.
>
> I tried using a deny rule in my DKIM ACL that looked at the dkim_signers
> but I got the implementation wrong because it rejected anything that had
> a DKIM validation in it no matter the domain.
>
> deny message = DKIM from unwanted domain
> dkim_signers = *.onmicrosoft.com
>
> How would I accomplish what I want if it's even possible?


Pull the header lines out with right header name, extract the d= field,
regex-match?
--
Jeremy