From 1ecd691570fcdbb3d093948d78dbacd33f8d3ea3 Mon Sep 17 00:00:00 2001
From: heraklit256 <37872459+heraklit256@users.noreply.github.com#>
Date: Tue, 7 Aug 2018 16:34:30 +0200
Subject: [PATCH] add negative weight to DNSWL entries

However, a message must be correctly DKIM signed to get some more
negative weight in case an received IP is listed with medium or
high trust at DNSWL.

This supersedes a first patch without the DKIM condition.
---
 conf/composites.conf         | 13 +++++++++++--
 conf/scores.d/rbl_group.conf |  6 +++---
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/conf/composites.conf b/conf/composites.conf
index a07b7020f..9d204344c 100644
--- a/conf/composites.conf
+++ b/conf/composites.conf
@@ -83,9 +83,18 @@ composites {
     }
     RCVD_UNAUTH_PBL {
         expression = "RECEIVED_PBL & -RCVD_VIA_SMTP_AUTH";
-        description = "Relayed through ZEN PBL IP without sufficient authentication";
+        description = "Relayed through ZEN PBL IP without sufficient authentication (possible indicating an open relay)";
         score = 2.0;
-        policy = "leave";
+    }
+    RCVD_DKIM_DNSWL_MED {
+        expression = "R_DKIM_ALLOW & RCVD_IN_DNSWL_MED";
+        description = "Sufficiently DKIM signed and received from IP with medium trust at DNSWL";
+        score = -1.5;
+    }
+    RCVD_DKIM_DNSWL_HI {
+        expression = "R_DKIM_ALLOW & RCVD_IN_DNSWL_HI";
+        description = "Sufficiently DKIM signed and received from IP with high trust at DNSWL";
+        score = -3.5;
     }
 
     .include(try=true; priority=1; duplicate=merge) "$LOCAL_CONFDIR/local.d/composites.conf"
diff --git a/conf/scores.d/rbl_group.conf b/conf/scores.d/rbl_group.conf
index 6c48cf3bb..2b9d9483c 100644
--- a/conf/scores.d/rbl_group.conf
+++ b/conf/scores.d/rbl_group.conf
@@ -29,15 +29,15 @@ symbols = {
         description = "Sender listed at https://www.dnswl.org, no trust";
     }
     "RCVD_IN_DNSWL_LOW" {
-        weight = 0.0;
+        weight = -0.5;
         description = "Sender listed at https://www.dnswl.org, low trust";
     }
     "RCVD_IN_DNSWL_MED" {
-        weight = 0.0;
+        weight = -0.5;
         description = "Sender listed at https://www.dnswl.org, medium trust";
     }
     "RCVD_IN_DNSWL_HI" {
-        weight = 0.0;
+        weight = -0.5;
         description = "Sender listed at https://www.dnswl.org, high trust";
     }
 
-- 
2.39.5