18/01/10
We've run our own mail servers for a number of years and during that period, the battle against SPAM email hasn't really stopped. Amonst the plethora of defences already implemented, we have been watching the progress of 'SPF' has been making. With the number of domains now using SPF increasing, what follows is a description of how we have implemeneted it on Solaris with Postfix. First up, get hold of the Perl 'SPF' policy server for Postfix. As Postfix is installed in /usr/postfix on our servers, we dropped the perl script into /usr/postfix/lib/spf-policyd and made it executable. There are a number of Perl dependencies, so try to start it by hand to work out what you need to supply. CPAN is your friend to resolve them. Once you have it running, send it a test settings to make sure it works as expected; the README and INSTALL files within the package have some examples of what you can send it. Next, add it to the 'master.cf' file so the Postfix subsystem will start it up: 127.0.0.1:10027 inet n n n - 0 spawn user=nobody argv=/usr/postfix/lib/spf-policyd Finally, add the rule to the 'main.cf' file so Postfix will use it: smtpd_recipient_restrictions = The important bit is to make sure it goes after the 'reject_unauth_destination' element. Now restart Postfix and check the logs; if there are any issues, you can edit the spf-policyd script and turn on verbose logging to find out what it gets passed and what decisions it makes. For details on how to secure your own email domain, have a look at the OpenSPF website for more information and the nifty tool that will generate the DNS records for you to cut & paste into your records. |
|
XML Feeds