How to override the DKIM signature in the reputation filter
If an inbound email is received with an external "Envelope From" address and an internal "HEADER FROM" address (e.g. newsletters) and the email contains a valid DKIM signature that includes the corresponding corporate domain, the Reputation filter does not assign any penalty points.
You can switch off this behaviour by making the corresponding adjustments in the IntranetRole.config file. Proceed as follows:
-
Stop the Intranet Role.
-
Go to C:\ProgramData\Net at Work Mail Gateway\Configuration.
-
Create a copy of the IntranetRole.config file and rename this copy, for example to BackupIntranetRole.config.
-
Open the IntranetRole.config file.
-
Find the <reputation> tag below the <filters> tag of each inbound rule.
-
Add the attribute allowHeaderFromLocalAddressIfValidatedByDkim with the value false to the <reputation> tag. The result should look like this:
<filters> <reputation allowHeaderFromLocalAddressIfValidatedByDkim="false"/> </filters> -
Save the IntranetRole.config file.
-
Open each inbound rule once in the rule set of your NoSpamProxy instance and save it again. This ensures that the edited rules are replicated to the Gateway Roles.
NOTE: If the Intranet Role no longer starts after the changes have been made, use the copy of the file created in step 3 to restore the initial state.