Can we also get confirmation from @georglauterbach on what the dmarc equivalent behaviour in rspamd has been configured for with DMS? (regardless of explicitly / implicitly). We should probably have this in sync.

DMARC is handled by Rspamd by applying a symbol (with a score) to the result of the DMARC check:

DMARC is handled by Rspamd by applying a symbol (with a score) to the result of the DMARC check

Soooo... it is like the behaviour OpenDMARC had before, or has now? Or neither?

We had a similar discussion recently for the SA_KILL / SPAMASSASSING_SPAM_TO_INBOX=1 settings where it was possible to prevent rejection or similar actions by always allowing the mail into junk folder.

Is that the same "fix" workaround? reject = 100?

DMARC is handled by Rspamd by applying a symbol (with a score) to the result of the DMARC check

Soooo... it is like the behaviour OpenDMARC had before, or has now? Or neither?

I actually don't know whether you can compare this very well... OpenDMARC acts on a single check and "only" gives a decision to Postfix based on this check IIRC. Rspamd on the other hand handles multiple checks (SPF, DKIM, DMARC, denylists, etc.), and will provide a decision based on these multiple checks - the DMARC check is one of them.

We had a similar discussion recently for the SA_KILL / SPAMASSASSING_SPAM_TO_INBOX=1 settings where it was possible to prevent rejection or similar actions by always allowing the mail into junk folder.

Is that the same "fix" workaround? reject = 100?

Yes, reject = 100; is the way of disabling rejection (only GTUBE will still trigger a rejection). Theoretically, a mail could have a score of >100, but the highest I have ever seen was 18. For anyone who can send me an e-mail that gets a score of >50, I'll buy you a 🍺 haha :D

Hey

I didn't even know about postfix's "hold" queue!

Just checked, and I have loads of messages on hold.
I see they're all spam, so I didn't lose much.

Do you know if it's possible to make quarantined emails to either go to a specific folder (like Spam/Junk), or a separate mailbox?

It seems to be hard to see the emails on "hold", as we have to use postqueue -p and then postcat, etc.

Thanks!!

Do you know if it's possible to make quarantined emails to either go to a specific folder (like Spam/Junk), or a separate mailbox?

I am not familiar with working with Postfix hold queue, I know you can check and manipulate the queue but not sure about redirecting that mail.

If the quarantined mail has specific information / metadata in the mail headers that can be matched then a sieve script could probably handle that like we do with redirecting spam delivered to junk folder by default.