Differences

This shows you the differences between two versions of the page.

--- virtualmin [2025/03/06 12:04] – created protocol
+++ virtualmin [2025/03/06 15:35] (current) – protocol
@@ Line 1: / Line 1: @@
 ===== Check SPF records =====
 <code>
-Step 1
-Install the SPF Checker for postfix
 apt-get install postfix-policyd-spf-python
-Step 2
 edit your /etc/postfix/master.cf
 policyd-spf  unix  -       n       n       -       0       spawn
     user=policyd-spf argv=/usr/bin/policyd-spf
-Step 3
 edit your /etc/postfix/main.cf
 policyd-spf_time_limit = 3600
 smtpd_recipient_restrictions =
-    ...
+...
-    reject_unauth_destination,
+ reject_invalid_hostname,
-    check_policy_service unix:private/policyd-spf,
+ reject_unauth_destination,
-    ...
+ reject_rbl_client cbl.abuseat.org,
+ reject_rbl_client b.barracudacentral.org,
+ reject_rbl_client zen.spamhaus.org,
+ check_policy_service unix:private/policyd-spf,
+...
 Make sure, you are putting the check_policy_service unix after the reject_unauth_destination line, to not become an open relay to the world.
-Step 4
-Finally, do not forget to reload / restart your postfix
 /etc/init.d/postfix restart
-Step 5
-If you find the following in received Email Headers, your SPF is working properly
-Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.85.216.181; helo=mail-qt0-f181.google.com; envelope-from=yourmailaddress@gmail.com; receiver=info@miyw.de
-Step 6 (optional)
-instead of blocking wrong SPF Senders(default behaviour), you can just let python-spf tag them for spamassasin
 edit /etc/postfix-policyd-spf-python/policyd-spf.conf and set
@@ Line 45: / Line 31: @@
 Mail_From_reject False
 this will accept Emails with wrong SPF but SA will mark them as spam afterwards.
 </code>