Am 18.01.2015 um 12:01 schrieb SW:
> I have an SPF record created in DNS for my domain. In my main.cf config
> file
> for Postfix I have the following SPF settings:
>
> spf_received_header = yes
> spf_mark_only = no
>
> smtpd_recipient_restrictions = peject_spf_invalid_sender,
> permit_spf_valid_sender,
>
> smtpd_sender_restrictions = reject_spf_invalid_sender,
> permit_spf_valid_sender
>
>
> Is the above config correct to reject received emails that is NOT being
> delivered from the specified IP addresses in SPF?
a) postfix don' t support SPF out of the box
there are policy daemons for that task
b) hence all the spf_ params are fantasy
c) SPF of your own domain is not relevant for yourself
to receive mails, to prevent forged mails just add
you domains in a access table with a reject and place
"permit_mynetworks" and "permit_sasl_authenticated" in
front of that restriction
When I ran make config (on FreeBSD) to install the Postfix port I selected
the SPF support option. I assumed that would allow me to do SPF checking
with the options I mentioned? Although, I just noticed that when I ran make
config now it says:
SPF - SPF support (via libspf2 1.2.x)
Is this the policy you were referring to? I do have libspf2 installed
currently.
If I check the mail headers I can see the SPF:
Received-SPF: pass (mail.domain.com: domain of anotherdomain.net designates
xxx.xxx.xxx.xxx as permitted sender)
Does this mean SPF is working correctly?
--
View this message in context:
http://postfix.1071664.n5.nabble.com/SPF-configurations-tp73872p73875.html
Sent from the Postfix Users mailing list archive at Nabble.com.
