I saw one how-to covering this, but it didn't look the same as my SpamSnake setup. Anyway here is my issue: One of our vendors is being rejected on an SPF check. Someone told me that they had very recently changed ISPs. Here's a log entry from Postfix: Maybe they haven't updated their SPF record after the ISP change? Anyway, is there a way to whitelist their domain(s) in Postfix so my users can receive mail from them? UPDATE: after checking a few online dns query sites, I have determined that there is NO SPF record for either of their domain names. This doesn't sound right... If anyone wants a crack at this, their email server's name is mail.cbsinsne.com and their email address domain is fainsgroup.com.
You would have to use a client access list in postfix to get around this issue. Below is an example of what you would have to put in your postfix main.cf file, in the smtpd_recipient section. You just have to create a file called /etc/postfix/goodip and add the IP and OK to it eg. (2.2.2.2 OK) and then postmap it (postmap /etc/postfix/goodip). Then add the below string to postfix and do a postfix reload. This should now allow their IP through postfix. You can google check_client_access to get a better idea of the usage and syntax. smtpd_recipient_restrictions = check_client_access = hash:/etc/postfix/goodip
Yes, make sure you leave the other statements in there. Example: smtpd_sender_restrictions = hash:/etc/postfix/access, reject_unknown_sender_domain