I am trying to assess the potential benefit of moving to rSpamD, and the effort required to get there. I have read the documentation, but it did not provide enough information. Hoping an rSpamD user can add some clarity.
Goal 1: Authenticate the SMTP Mail From domain and assign a disposition result:
Assume:
Methods I use to authenticate the SMTP Mail From domain
- SPF Pass, based on the SPF policy for example.com
- DKIM Pass, based on a DKIM signature for example.com or aligned with example.com
- Google Signature for example_com.*.gapssmtp.com, which i interpret to mean that Google has authenticated the address
- Table lookup on host name: Local policy trusts that example.com is hosted on google.com servers, so the combination is authentic as long as the server name is authenticated by forward-confirmed DNS. (Either HELO or Reverse DNS can be used for matchng.)
- Table lookup on IP address: Local policy trusts that example.com is hosted on IP address a.b.c.d
- Exemption: SMTP Mail From authentication is not required if the message From domain is authenticated by DKIM Pass for a signature aligned with that domain.
Interaction of authentication and reputation:
- Reputation lookup says block: Block the message, authentication does not matter
- Reputation lookup says quarantine: Quarantine the message, authentication does not matter.
- Reputation unknown: Quarantine the message, authentication does not matter
- Not authenticated: Quarantine the message
- Authenticated and acceptable: Allow the message, subject to other tests
- Authenticated and highly trusted: Whitelist the message
I have similar requirements for authentication and reputation checks on the message From address and on the Reply-To address.
Making it work in rSpamD
It is clear that rSpamD can do the SPF Pass test easily, but everything else is blurry.
How many different workers will I need to write from scratch to make this work? If more than one, is there a parsed object model of the message that is passed from one worker to the next, or does every worker need to do its own parsing?
Any insight is appreciated.