|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
26 Nov 2016, 05:21 PM | #1 |
Junior Member
Join Date: Jul 2009
Posts: 19
|
Blocking email from own email addresses that fail DKIM
The latest wave of Locky / Zepto spam mail comes from voicemail@ with your own domain tacked on. Since I have a voicemail@***.co.uk email address, and had a [Vigor2820 Series] that appears in the subject line, this is increasing the risk of someone opening one of the messages.
Obviously, the message fails authentication, since it was not sent via the fastmail servers, but how can I filter for this in a custom rule? I currently have the following rule, which does not appear to work as the mail still gets delivered to the Inbox (although it does in the sieve tester): Code:
if allof( header :contains ["from", "X-Mail-from"] ["mydomain.co.uk"], header :contains ["Authentication-Results"] ["dkim=none","dkim=fail"] |
26 Nov 2016, 06:35 PM | #2 |
The "e" in e-mail
Join Date: Jul 2002
Location: VK4
Posts: 3,028
|
Do you want to filter or discard?
{ discard; stop; } |
26 Nov 2016, 08:08 PM | #3 |
Junior Member
Join Date: Jul 2009
Posts: 19
|
|
27 Nov 2016, 09:42 AM | #4 |
The "e" in e-mail
Join Date: May 2003
Location: mostly in Thailand
Posts: 3,095
|
I cannot figure out from your posts what your full sieve script looks like, and thus how the conditions you specify relate to the overall logic. It is tempting to conclude that either (i) the block of code is never reached; or (ii) script execution continues and overrides whatever processing was in your local code block.
|
28 Nov 2016, 05:05 AM | #5 |
Essential Contributor
Join Date: Apr 2008
Posts: 371
|
As a bit of an aside, do you have SPF and DMARC records published for your domain? Since FastMail respects DMARC, I find just having the appropriate records in place (with "-ALL" in the SPF record and "p=reject" in the DMARC record) gives any bogus messages like this a pretty high spam score (which in my case still tosses them into my spam folder).
The upside to publishing these records, of course, is that you'd also prevent bogus messages from your domain landing on other mail servers as well — assuming of course that they respect DMARC. It wouldn't even really be a DKIM issue at this point, as those messages would be originating from a server that's not listed in your SPF record. |