SPF Configuration

Discussion in 'Server Operation' started by Fernando Azevedo, Oct 12, 2020.

  1. Fernando Azevedo

    Fernando Azevedo New Member

    Hi All,

    I have been receiving some forged e-mails from my own domain and realised that although I have SPF records for all the domains I manage, I do not check for SPF on my mail servers. o_O

    I followed https://makeityourway.de/enabling-spf-sender-policy-framework-checking-on-postfix/ to enable SPF checking. This is very similar to https://www.howtoforge.com/postfix_spf but uses the python version instead of the perl one. (I found some links recommending the python version that was replacing the perl one due to discontinued support and performance issues)

    After I edit the master.cf and main.cf files, and after restarting postfix, mail stops from being relayed to the inbox, but they are not rejected either. If I do a
    Code:
    postqueue -p
    the queue is empty... They will then get relayed to the user Inboxes after I rollback the 2 configuration files and restart postfix.

    On syslog I see a bunch of
    Code:
    postfix/spawn[24597]: warning: command /usr/bin/policyd-spf exit status 120
    .

    When I run policyd-spf manually for testing this is what I get:
    Code:
    [email protected]:~$ policyd-spf
    request=smtpd_access_policy
    protocol_state=RCPT
    protocol_name=SMTP
    helo_name=***.dialeto-assertivo.pt
    queue_id=8045F2AB23
    sender=***@dialeto-assertivo.pt
    recipient=***@dialeo-assertivo.pt
    client_address=***.***.***.***
    client_name=***.dialeto-assertivo.pt
    
    The reply I get is
    Code:
    action=dunno mock header field that should be ignored
    Any hints or guidance on what I am doing wrong? Any help appreciated...

    Thanks,
    Fernando
     
    Last edited: Oct 13, 2020

Share This Page