Den 29. okt. 2015 22:27, skrev Jochen Spieker:
> co...@crearq.co.cu:
>> To apply SPF to control mails as well as spoofing
>> users and more.
>> - I have a server with postfix mail for local users which is
>> assigned to use SASL to prevent spoofing mails.
>> - I have a postfix mail sever face as internet gateway both cases
>> Debian.
>> and Bind9 the internet facing server and enable SPF to prevent
>> from outside can send emails to my local domain as if they were
>> internal users ??
>> spamassasin use and amavisd-new also
>> As might enable it ???
> I have trouble comprehending what exactly you are saying and I am not
> sure whether you are actually knowing what you are doing, but in order
> to enable SPF for a domain, all you need to do is add a TXT record for
> this domain with content like "v=spf1 mx -all". That instructs receiving
> systems to only accept mails from the MX for your domain.
>
For the other direction (incoming), check out debian package
postfix-policyd-spf. I am currently using a locally adjusted copy, but
at least in wheezy a standard setup using that package worked as
advertised for me. Pretty sure the same holds for jessie.
