FreeBSD-7.2 with Postfix (2.7-20091115) from the FreeBSD ports system. This is my first attempt to get SPF working. I installed "postfix-policyd-spf-perl" via the ports system and followed the directions (I think). I added this to the 'master.cf' file:
spf-policy unix - n n - 0 spawn user=nobody argv=/usr/local/sbin/postfix-policyd-spf-perl I then added this to the 'main.cf' file: spf-policy_time_limit = 3600 This was appended to smtpd_recipient_restrictions: check_policy_service unix:private/spf-policy That section now looks like this: smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/spf-policy reject Finally, I rebooted my machine. Unfortunately, I can find no evidence in the log file that SPF is ever being used. The file looks identical to what it did prior to installing the SPF-Policy server. Output of postconf -n: alias_database = hash:/usr/local/etc/postfix/aliases alias_maps = hash:/usr/local/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 delay_warning_time = 2h disable_vrfy_command = yes html_directory = no inet_interfaces = all mail_owner = postfix mail_spool_directory = /var/mail mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man milter_default_action = accept mydestination = mydomain = seibercom.net mynetworks = 127.0.0.0/8, 192.168.1.0/24 mynetworks_style = subnet myorigin = $mydomain newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no recipient_delimiter = + sample_directory = /usr/local/etc/postfix sender_dependent_relayhost_maps = mysql:/usr/local/etc/postfix/mysql-sender_relay sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = mysql:/usr/local/etc/postfix/mysql-sasl_passwd smtp_sasl_security_options = noanonymous smtp_sasl_type = cyrus smtp_sender_dependent_authentication = yes smtp_tls_CAfile = /usr/local/etc/postfix/certs/cacert.pem smtp_tls_CApath = /usr/local/etc/postfix/certs smtp_tls_note_starttls_offer = yes smtp_tls_security_level = may smtp_tls_session_cache_database = btree:/var/db/postfix/smtp_tls_session_cache smtpd_authorized_verp_clients = $mynetworks smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_plaintext_session reject smtpd_milters = unix:/var/run/clamav/clmilter.sock smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/spf-policy reject smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = smtpd smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = noanonymous smtpd_tls_CAfile = /usr/local/etc/postfix/certs/cacert.pem smtpd_tls_cert_file = /usr/local/etc/postfix/certs/postfix-cert.pem smtpd_tls_key_file = /usr/local/etc/postfix/certs/postfix-key.pem smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/db/postfix/smtpd_tls_session_cache tls_random_source = dev:/dev/urandom transport_maps = mysql:/usr/local/etc/postfix/mysql-transport unknown_local_recipient_reject_code = 550 virtual_gid_maps = static:1002 virtual_mailbox_base = /var/mail/vhost virtual_mailbox_domains = mysql:/usr/local/etc/postfix/mysql-domains virtual_mailbox_maps = mysql:/usr/local/etc/postfix/mysql-vmailbox virtual_minimum_uid = 100 virtual_transport = dovecot virtual_uid_maps = static:1002 -- Jerry postfix.u...@yahoo.com TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html
