DMARC verification should *not* be performed for them and disable
DMARC with a control setting:
- control = dmarc_verify_disable
+ control = dmarc_disable_verify
A DMARC record can also specify a "forensic address", which gives
exim an email address to submit reports about failed alignment.
rejecting the email.
o quarantine The DMARC check failed and the library recommends
keeping it for further inspection.
+ o none The DMARC check passed and the library recommends
+ no specific action, neutral.
o norecord No policy section in the DMARC record for this
sender domain.
o nofrom Unable to determine the domain of the sender.
- o none There is no DMARC record for this sender domain.
- o error Library error or dns error.
+ o temperror Library error or dns error.
+ o off The DMARC check was disable for this email.
You can prefix each string with an exclamation mark to invert its
meaning, for example "!accept" will match all results but
(RCPT ACL)
warn domains = +local_domains
hosts = +local_hosts
- control = dmarc_verify_disable
+ control = dmarc_disable_verify
warn !domains = +screwed_up_dmarc_records
control = dmarc_enable_forensic