From a0d439f832721ab1b4bdcf9ab844ee20d4dc1682 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Tue, 11 Dec 2018 21:13:19 +0100 Subject: submission: Prospective SPF checking. Cf. http://www.openspf.org/Best_Practices/Outbound . --- roles/MSA/templates/etc/postfix/main.cf.j2 | 2 ++ 1 file changed, 2 insertions(+) (limited to 'roles/MSA/templates/etc/postfix') diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index a48a327..65a0339 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -50,6 +50,7 @@ local_header_rewrite_clients = smtp_destination_recipient_limit = 1000 # Tolerate occasional high latency smtp_data_done_timeout = 1200s +policyd-spf_time_limit = $ipc_timeout # Anonymize the (authenticated) sender; pass the mail to the antivirus header_checks = pcre:$config_directory/anonymize_sender.pcre @@ -107,6 +108,7 @@ smtpd_sender_restrictions = reject_non_fqdn_sender reject_unknown_sender_domain check_sender_access lmdb:$config_directory/check_sender_access + check_policy_service unix:private/policyd-spf reject_known_sender_login_mismatch smtpd_relay_restrictions = -- cgit v1.2.3