[ SEA-GHOST MINI SHELL]
# SpamAssassin rules file: default DKIM ADSP overrides
#
# Please don't modify this file as your changes will be overwritten with
# the next update. Use /etc/mail/spamassassin/local.cf instead.
# See 'perldoc Mail::SpamAssassin::Conf' for details.
#
# <@LICENSE>
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to you under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# </@LICENSE>
###########################################################################
# DKIM ADSP overrides
ifplugin Mail::SpamAssassin::Plugin::DKIM
# Later rules override previous, so to override any of the pre-sets here, just
# declare the domain as unknown, e.g.: 'adsp_override somedomain unknown' .
#
# 'discardable' is implied in absence of the second argument.
adsp_override ebay.com
adsp_override ebay.at
adsp_override ebay.be
adsp_override ebay.ca
adsp_override ebay.ch
adsp_override ebay.de
adsp_override ebay.ee
adsp_override ebay.es
adsp_override ebay.fr
adsp_override ebay.hu
adsp_override ebay.ie
adsp_override ebay.in
adsp_override ebay.it
adsp_override ebay.nl
adsp_override ebay.ph
adsp_override ebay.pl
adsp_override ebay.pt
adsp_override ebay.se
adsp_override ebay.co.kr
adsp_override ebay.co.uk
adsp_override ebay.com.au
adsp_override ebay.com.cn
adsp_override ebay.com.hk
adsp_override ebay.com.mx
adsp_override ebay.com.my
adsp_override ebay.com.sq
adsp_override paypal.com
adsp_override paypal.co.uk
adsp_override ealerts.bankofamerica.com
adsp_override alert.bankofamerica.com
adsp_override americangreetings.com
adsp_override yahoo.americangreetings.com
adsp_override msn.americangreetings.com
adsp_override egreetings.com
adsp_override bluemountain.com
adsp_override hallmark.com
adsp_override update.hallmark.com
adsp_override *.hallmark.com
adsp_override amazon.com all
adsp_override amazon.co.uk all
adsp_override amazon.de all
adsp_override amazon.fr all
adsp_override birthdayalarm.com all
adsp_override astrology.com all
adsp_override linkedin.com all
adsp_override *.linkedin.com all
adsp_override facebookmail.com all
adsp_override *.greenpeace.org all
adsp_override lists.sourceforge.net all
adsp_override lufthansa.com all
adsp_override *.lufthansa.com all
adsp_override *.delivery.net all
adsp_override youtube.com custom_high
adsp_override google.com custom_med
adsp_override gmail.com custom_med
adsp_override googlemail.com custom_med
adsp_override yahoo.com custom_med
adsp_override yahoo.com.ar custom_med
adsp_override yahoo.com.au custom_med
adsp_override yahoo.com.br custom_med
adsp_override yahoo.com.cn custom_med
adsp_override yahoo.com.hk custom_med
adsp_override yahoo.com.mx custom_med
adsp_override yahoo.com.my custom_med
adsp_override yahoo.com.ph custom_med
adsp_override yahoo.com.sg custom_med
adsp_override yahoo.com.tw custom_med
adsp_override yahoo.co.id custom_med
adsp_override yahoo.co.in custom_med
adsp_override yahoo.co.jp custom_med
adsp_override yahoo.co.nz custom_med
adsp_override yahoo.co.th custom_med
adsp_override yahoo.co.uk custom_med
adsp_override yahoo.ca custom_med
adsp_override yahoo.cn custom_med
adsp_override yahoo.de custom_med
adsp_override yahoo.dk custom_med
adsp_override yahoo.es custom_med
adsp_override yahoo.fr custom_med
adsp_override yahoo.gr custom_med
adsp_override yahoo.ie custom_med
adsp_override yahoo.it custom_med
adsp_override yahoo.no custom_med
adsp_override yahoo.pl custom_med
adsp_override yahoo.se custom_med
# Ignore linting, makes unnecessary lookups
adsp_override compiling.spamassassin.taint.org unknown
# To effectively disable ADSP network DNS lookups for all other domains:
# adsp_override * unknown
# Currently few domains publish their signing practices (draft-ietf-dkim-ssp,
# ADSP), partly because the ADSP draft/rfc is rather new, partly because they
# think hardly any recipient bothers to check it, and partly for fear that
# some recipients might lose mail due to problems in their signature validation
# procedures or mail mangling by mailers beyond their control.
#
# Nevertheless, recipients could benefit by knowing signing practices of a
# sending (author's) domain, for example to recognize forged mail claiming
# to be from certain domains which are popular targets for phishing, like
# financial institutions. Unfortunately, as signing practices are seldom
# published or are weak, it is hardly justifiable to look them up in DNS.
#
# To overcome this chicken-or-the-egg problem, the adsp_override mechanism
# allows recipients using SpamAssassin to override published or defaulted
# ADSP for certain domains. This makes it possible to manually specify a
# stronger (or weaker) signing practices than a signing domain is willing
# to publish (explicitly or by default), and also save on a DNS lookup.
#
# Note that ADSP (published or overridden) is only consulted for messages
# which do not contain a valid DKIM signature from the author's domain.
#
# According to ADSP draft, signing practices can be one of the following:
# unknown, all and discardable.
#
# unknown: Messages from this domain might or might not have an author
# signature. This is a default if a domain exists in DNS but no ADSP record
# is found.
#
# all: All messages from this domain are signed with an Author Signature.
#
# discardable: All messages from this domain are signed with an Author
# Signature. If a message arrives without a valid Author Signature, the
# domain encourages the recipient(s) to discard it.
#
# ADSP lookup can also determine that a domain is "out of scope", i.e., the
# domain does not exist (NXDOMAIN) in the DNS.
#
# To override domain's signing practices in a SpamAssassin configuration file,
# specify an adsp_override directive for each sending domain to be overridden.
#
# Its first argument is a domain name. Author's domain is matched against it,
# matching is case insensitive. This is not a regular expression or a file-glob
# style wildcard, but limited wildcarding is still available: if this argument
# starts by a "*." (or is a sole "*"), author's domain matches if it is a
# subdomain (to one or more levels) of the argument. Otherwise (with no
# leading asterisk) the match must be exact (not a subdomain).
#
# An optional second parameter is one of the following keywords
# (case-insensitive): nxdomain, unknown, all, discardable,
# custom_low, custom_med, custom_high.
#
# Absence of this second parameter implies discardable. If a domain is not
# listed by a adsp_override directive nor does it explicitly publish any
# ADSP record, then unknown is implied for valid domains, and nxdomain
# for domains not existing in DNS. (Note: domain validity may be unchecked
# with current versions of Mail::DKIM, so nxdomain may never turn up.)
#
# The strong setting discardable is useful for domains which are known
# to always sign their mail and to always send it directly to recipients
# (not to mailing lists), and are frequent targets of fishing attempts,
# such as financial institutions. The discardable is also appropriate
# for domains which are known never to send any mail.
#
# When a message does not contain a valid signature by the author's domain
# (the domain in a From header field), the signing practices pertaining
# to author's domain determine which of the following rules fire and
# contributes its score: DKIM_ADSP_NXDOMAIN, DKIM_ADSP_ALL, DKIM_ADSP_DISCARD,
# DKIM_ADSP_CUSTOM_LOW, DKIM_ADSP_CUSTOM_MED, DKIM_ADSP_CUSTOM_HIGH. Not more
# than one of these rules can fire. The last three can only result from a
# 'signing_practices' as given in a adsp_override directive (not from a
# DNS lookup), and can serve as a convenient means of providing a different
# score if scores assigned to DKIM_ADSP_ALL or DKIM_ADSP_DISCARD are not
# considered suitable for some domains.
#
# As a precaution against firing DKIM_ADSP_* rules when there is a known
# local reason for a signature verification failure, the domain's ADSP is
# considered unknown when DNS lookups are disabled or a DNS lookup encountered
# a temporary problem on fetching a public key from the author's domain.
# Similarly, ADSP is considered unknown when this plugin did its own signature
# verification (signatures were not passed to SA by a caller) and a metarule
# __TRUNCATED was triggered, indicating the caller intentionally passed a
# truncated message to SpamAssassin, which was a likely reason for a signature
# verification failure.
endif # Mail::SpamAssassin::Plugin::DKIM
SEA-GHOST - SHELL CODING BY SEA-GHOST