1Mail::SpamAssassin::PluUgsienr::CAountthrRiebsu(t3e)d PeMralilD:o:cSupmaemnAtsastaisosnin::Plugin::AuthRes(3)
2
3
4

NAME

6       Mail::SpamAssassin::Plugin::AuthRes - use Authentication-Results header
7       fields
8

SYNOPSIS

10   SpamAssassin configuration:
11       loadplugin     Mail::SpamAssassin::Plugin::AuthRes
12
13       authres_trusted_authserv  myserv.example.com authres_networks  all
14

DESCRIPTION

16       This plugin parses Authentication-Results header fields and can supply
17       the results obtained to other plugins, so as to avoid repeating checks
18       that have been performed already.
19

ADMINISTRATOR OPTIONS

21       authres_networks internal/trusted/all    (default: internal)
22           Process Authenticated-Results headers set by servers from these
23           networks (refers to SpamAssassin *_networks zones).  Any header
24           outside this is completely ignored (affects all module settings).
25
26            internal   = internal_networks
27            trusted    = internal_networks + trusted_networks
28            all        = all above + all external
29
30           Setting "all" is safe only if your MX servers filter properly all
31           incoming A-R headers, and you use authres_trusted_authserv to match
32           your authserv-id.  This is suitable for default OpenDKIM for
33           example.  These settings might also be required if your filters do
34           not insert A-R header to correct position above the internal
35           Received header (some known offenders: OpenDKIM, OpenDMARC,
36           amavisd-milter).
37
38       authres_trusted_authserv authservid1 id2 ...   (default: none)
39           Trusted authentication server IDs (the domain-name-like first word
40           of Authentication-Results field, also known as "authserv-id").
41
42           Note that if set, ALL A-R headers are ignored unless a match is
43           found.
44
45           Use strongly recommended, possibly along with authres_networks all.
46
47       authres_ignored_authserv authservid1 id2 ...   (default: none)
48           Ignored authentication server IDs (the domain-name-like first word
49           of Authentication-Results field, also known as "authserv-id").
50
51           Any A-R header is ignored if match is found.
52

METADATA

54       Parsed headers are stored in $pms->{authres_parsed}, as a hash of array
55       of hashes where results are collected by method.  For example, the
56       header field:
57
58         Authentication-Results: server.example.com;
59           spf=pass smtp.mailfrom=bounce.example.org;
60           dkim=pass header.i=@example.org;
61           dkim=fail header.i=@another.signing.domain.example
62
63       Produces the following structure:
64
65        $pms->{authres_parsed} = {
66          'dkim' => [
67            {
68              'properties' => {
69                'header' => {
70                  'i' => '@example.org'
71                }
72              },
73              'authserv' => 'server.example.com',
74              'result' => 'pass',
75              'version' => 1,
76              'reason' => ''
77            },
78            {
79              'properties' => {
80                'header' => {
81                  'i' => '@another.signing.domain.example'
82                }
83              },
84              'result' => 'fail',
85              'authserv' => 'server.example.com',
86              'version' => 1,
87              'reason' => ''
88            },
89          ],
90        }
91
92       Within each array, the order of results is the original, which should
93       be most recent results first.
94
95       For checking result of methods, $pms->{authres_result} is available:
96
97        $pms->{authres_result} = {
98          'dkim' => 'pass',
99          'spf' => 'fail',
100        }
101

EVAL FUNCTIONS

103       header RULENAME eval:check_authres_result(method, result)
104           Can be used to check results.
105
106             ifplugin Mail::SpamAssassin::Plugin::AuthRes
107             ifplugin !(Mail::SpamAssassin::Plugin::SPF)
108               header  SPF_PASS      eval:check_authres_result('spf', 'pass')
109               header  SPF_FAIL      eval:check_authres_result('spf', 'fail')
110               header  SPF_SOFTFAIL  eval:check_authres_result('spf', 'softfail')
111               header  SPF_TEMPFAIL  eval:check_authres_result('spf', 'tempfail')
112             endif
113             ifplugin !(Mail::SpamAssassin::Plugin::DKIM)
114               header  DKIM_VERIFIED  eval:check_authres_result('dkim', 'pass')
115               header  DKIM_INVALID   eval:check_authres_result('dkim', 'fail')
116             endif
117             endif
118
119
120
121perl v5.38.0                      2023-07M-a2i2l::SpamAssassin::Plugin::AuthRes(3)