Am 18.01.2015 um 12:01 schrieb SW:
I have an SPF record created in DNS for my domain. In my main.cf config file
for Postfix I have the following SPF settings:
spf_received_header = yes
spf_mark_only = no
smtpd_recipient_restrictions = peject_spf_invalid_sender,
permit_spf_valid_sender,
smtpd_sender_restrictions = reject_spf_invalid_sender,
permit_spf_valid_sender
Is the above config correct to reject received emails that is NOT being
delivered from the specified IP addresses in SPF?
a) postfix don' t support SPF out of the box
there are policy daemons for that task
b) hence all the spf_ params are fantasy
c) SPF of your own domain is not relevant for yourself
to receive mails, to prevent forged mails just add
you domains in a access table with a reject and place
"permit_mynetworks" and "permit_sasl_authenticated" in
front of that restriction
