Re: DWL support in Rspamd

[Alessandro Vesely <vesely@xxxxxxx>]

Hi Vsevolod and all,

On Mon 29/Oct/2018 18:48:43 +0100 Vsevolod Stakhov wrote:
> 
> I have added the following configuration now:
> 
>         dnswl_dwl {
>           symbol = "DWL_DNSWL";
>           rbl = "dwl.dnswl.org";
>           dkim = true;
>           dkim_domainonly = false;
>           dkim_match_from = true;
>           unknown = false;
> 
>           returncodes {
>               DWL_DNSWL_NONE = "127.0.%d+.0";
>               DWL_DNSWL_LOW = "127.0.%d+.1";
>               DWL_DNSWL_MED = "127.0.%d+.2";
>               DWL_DNSWL_HI = "127.0.%d+.3";
>               DWL_DNSWL_BLOCKED = "127.0.0.255";

Nice syntax

>           }
>         }
> 
> So it will check just a valid DKIM signature domain that actually have
> the same efficient single level domain with the MIME From address.

Hm... I'm not using Rspamd (yet) so the above is not clear to me.  DNSWL and
DKIM are tested respectively before and after an SMTP transaction.

> Please let me know if you have any questions or suggestions.

I consider any DNSWL more or less equivalent to a domain authentication like
SPF or DKIM.  In fact, if you query the TXT RR you get a domain name.
Courier-MTA writes something like so:

Authentication-Results: wmail.tana.it;
    dnswl=pass dns.zone=list.dnswl.org
    policy.ip=127.0.10.3
    policy.txt="dnswl.org http://dnswl.org/s?s=100";

It is not listed in Email Authentication Parameters, but maybe when rfc7601bis
will be published, with more leeway for ptypes, it will be possible to add it.

Just an idea...

Keep up the good work!
Best
Ale