Postfix with SPF

Discussion in 'HOWTO-Related Questions' started by dfslezak, Jul 14, 2007.

  1. dfslezak

    dfslezak New Member

    I have followed falko's HOWTO for implementing SPF with Postfix.
    When I add the "check_policy_service" at /etc/postfix/main.cf, I stop receiving mails. Mails are relayed with the following message:
    "warning: restriction check_policy_service must be followed by transport:server"
    Any ideas??
    Thanks
     
    dfslezak, Jul 14, 2007
    #1
  2. falko

    falko Super Moderator Howtoforge Staff

    What's in /etc/postfix/main.cf?
     
    falko, Jul 15, 2007
    #2
  3. dfslezak

    dfslezak New Member

    Here it goes...

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    myhostname = ####example.com####
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,check_policy_service
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom

    virtual_maps = hash:/etc/postfix/virtusertable

    mydestination = /etc/postfix/local-host-names

    message_size_limit = 50000000
     
    dfslezak, Jul 15, 2007
    #3
  4. falko

    falko Super Moderator Howtoforge Staff

    Looks ok.
    I've found this link: http://www.postfix.org/SMTPD_POLICY_README.html

    I think you should try

    Code:
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,check_policy_service unix:private/policy
     
    falko, Jul 16, 2007
    #4

Share This Page