Embedded Files
Faruque Ahmed : MCP, MCSA, MCSE, MCTS, MCIT, CCNA, OCA, OCP, GCP
Mail Server : Set SPF Checking
root@mail:~# apt -y install postfix-policyd-spf-pythonroot@mail:~# vi /etc/postfix-policyd-spf-python/policyd-spf.conf
# debug level (-1,0,1,2,3,4)# 4 is max, -1 means nothing is loggeddebugLevel = 1
# to run in test-only mode, change to [TestOnly = 0]# in test-only mode, mail will not be rejected due to SPF checksTestOnly = 1
# HELO/EHLO CHECKING# - [Fail] : reject only on HELO Fail# - [SPF_Not_Pass] : reject if result not Pass, None, Temperror# - [Softfail] : reject on HELO Softfail or Fail# - [Null] : only reject HELO Fail for Null sender# - [False] : never reject on HELO, append header only# - [No_Check] : never check HELOHELO_reject = Fail
# Mail From CHECKING# - [Fail] : reject on Mail From Fail# - [SPF_Not_Pass] : reject if result not Pass, None, Tempfail# - [Softfail] : reject on Mail From Softfail or Fail# - [False] : never reject on Mail From, append header only# - [No_Check] : never check Mail From/Return PathMail_From_reject = Fail
# Permanent Error Processing# - [True] : reject the message if the SPF result (for HELO or Mail From) is PermError# - [False] : treat PermError the same as no SPF record at allPermError_reject = False
# Temporary Error Processing# - [True] : defer the message if the SPF result (for HELO or Mail From) is TempError# - [False] : treat TempError the same as no SPF record at allTempError_Defer = False
# skip addresses to skip SPF checkingskip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1
root@mail:~# vi /etc/postfix/master.cf
# add to last linepolicyd-spf unix - n n - 0 spawn user=policyd-spf argv=/usr/bin/policyd-spf
root@mail:~# vi /etc/postfix/main.cf
# add into [smtpd_recipient_restrictions]smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:private/policyd-spf
root@mail:~# systemctl reload postfix
root@mail:~# apt -y install postfix-policyd-spf-pythonroot@mail:~# vi /etc/postfix-policyd-spf-python/policyd-spf.conf
# debug level (-1,0,1,2,3,4)# 4 is max, -1 means nothing is loggeddebugLevel = 1
# to run in test-only mode, change to [TestOnly = 0]# in test-only mode, mail will not be rejected due to SPF checksTestOnly = 1
# HELO/EHLO CHECKING# - [Fail] : reject only on HELO Fail# - [SPF_Not_Pass] : reject if result not Pass, None, Temperror# - [Softfail] : reject on HELO Softfail or Fail# - [Null] : only reject HELO Fail for Null sender# - [False] : never reject on HELO, append header only# - [No_Check] : never check HELOHELO_reject = Fail
# Mail From CHECKING# - [Fail] : reject on Mail From Fail# - [SPF_Not_Pass] : reject if result not Pass, None, Tempfail# - [Softfail] : reject on Mail From Softfail or Fail# - [False] : never reject on Mail From, append header only# - [No_Check] : never check Mail From/Return PathMail_From_reject = Fail
# Permanent Error Processing# - [True] : reject the message if the SPF result (for HELO or Mail From) is PermError# - [False] : treat PermError the same as no SPF record at allPermError_reject = False
# Temporary Error Processing# - [True] : defer the message if the SPF result (for HELO or Mail From) is TempError# - [False] : treat TempError the same as no SPF record at allTempError_Defer = False
# skip addresses to skip SPF checkingskip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1
root@mail:~# vi /etc/postfix/master.cf
# add to last linepolicyd-spf unix - n n - 0 spawn user=policyd-spf argv=/usr/bin/policyd-spf
root@mail:~# vi /etc/postfix/main.cf
# add into [smtpd_recipient_restrictions]smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_policy_service unix:private/policyd-spf
root@mail:~# systemctl reload postfix
Page updated
Google Sites
Report abuse