Ask a question by email +7 (495) 649-53-54
All payment methods
Image

Knowledge base → Configuring SPF Checking in Postfix

[Virtual servers]
Date of publication: 11.06.2023

Setting the SPF check will reduce the amount of spam, i.e. reject emails from domains that do not pass this check.

1. Installing required packages:

apt install postfix-policyd-spf-python

2. Activating settings:

nano /etc/postfix/main.cf


policy-spf_time_limit = 3600s
...
smtpd_recipient_restrictions =
...
check_policy_service unix:private/policy-spf
permit

  • policy-spf_time_limit — sets the threshold of time that the mail server will be able to allocate for checking the SPF record.
  • check_policy_service — specify the path to the file with additional settings.

Let's add the settings to the file:

nano /etc/postfix/master.cf

...
policy-spf   unix    -    n    n    -    -    spawn
  user=nobody argv=/usr/bin/policyd-spf
...

Let's make changes to the additional settings file:

nano /etc/postfix-policyd-spf-python/policyd-spf.conf


...
HELO_reject = Fail
Mail_From_reject = Softfail

Softfail — deviation on HELO Softfail or Fail. HELO/EHLO is known first in the SMTP conversation, and there is no practical reason to waste resources on Mail From checks if the HELO check would already result in the message being rejected. This should not cause compatibility issues when used for HELO.

To try the settings, restart postfix:

systemctl restart postfix



No Comments Yet

Professional hosting SYNAY.NET

from 2009 to  in the market of telecommunication services

Image
Support +7 (495) 649-53-54