Anyone have a tutorial link for adding SPF support to Postfix in Centos 8?
This is my first time trying a manual setup (i.e., without virtualmin) and every tutorial I'm finding is for CentOS 7 or Debian-based, and requires packages that DNF doesn't seem to have over here.
Postfix SPF Support
-
mikey13974
- Posts: 6
- Joined: 2013/05/29 08:01:08
Re: Postfix SPF Support
Sorry nevermind. I just realized spamassassin is performing SPF checks for me already.
-
KernelOops
- Posts: 428
- Joined: 2013/12/18 15:04:03
- Location: xfs file system
Re: Postfix SPF Support
Just for future reference, you can process SPF at the MTA level (postfix in this case). This is better, because you may block spam that fail SPF checks before they end up in spamassassin. It matters, because spamassassin is a very heavy and cpu-intensive process, thus blocking SPF at the MTA level saves you important resources.
To process SPF records in postfix, you may use pypolicyd-spf (written in python, provided by epel): yum install pypolicyd-spf
The same thing counts for DKIM, you can process DKIM signatures with opendkim at the MTA level and avoid doing that in spamassassin.
To process SPF records in postfix, you may use pypolicyd-spf (written in python, provided by epel): yum install pypolicyd-spf
The same thing counts for DKIM, you can process DKIM signatures with opendkim at the MTA level and avoid doing that in spamassassin.
--
R.I.P. CentOS
--
R.I.P. CentOS
--
-
mikey13974
- Posts: 6
- Joined: 2013/05/29 08:01:08
Re: Postfix SPF Support
Hey KernelOops,
Love your name... heh
I'm unable to find "pypolicyd-spf" in dnf on CentOS 8, even though I've got epel-release installed. Are we using different versions or something?
Also, do you have any good tutorials for MTA n00bs? I had to follow a tutorial to get spamassassin running inside master.cf and I don't feel comfortable with that whole config file. I blew 20 minutes trying to add options to the "submission inet n - n - - smtpd" line so I could do {blablabla fallback when my dovecot auth fails, somesuch} and couldn't get it to work.
Thanks for your tip!
Love your name... heh
I'm unable to find "pypolicyd-spf" in dnf on CentOS 8, even though I've got epel-release installed. Are we using different versions or something?
Also, do you have any good tutorials for MTA n00bs? I had to follow a tutorial to get spamassassin running inside master.cf and I don't feel comfortable with that whole config file. I blew 20 minutes trying to add options to the "submission inet n - n - - smtpd" line so I could do {blablabla fallback when my dovecot auth fails, somesuch} and couldn't get it to work.
Thanks for your tip!
-
KernelOops
- Posts: 428
- Joined: 2013/12/18 15:04:03
- Location: xfs file system
Re: Postfix SPF Support
yes, the name is fun, thanks 
unfortunately centos 8 is not yet ready for production, its missing TONS of packages and it can't act as a complete email server yet (no packages for pypolicyd-spf, opendkim, postgrey, etc).
currently, pypolicyd-spf and the other packages are only available for centos 7.
for centos 8, your only choice, is to use spamassassin for processing SPF and DKIM. This of course is not a real solution of DKIM because your outgoing emails can't be signed. I am waiting for centos 8.1 and updated packages from EPEL-8 but nothing has been released so far.
about postfix and spamassassin, I use this main.cf template and this master.cf template. You may pick whatever is suitable for your setup.
unfortunately centos 8 is not yet ready for production, its missing TONS of packages and it can't act as a complete email server yet (no packages for pypolicyd-spf, opendkim, postgrey, etc).
currently, pypolicyd-spf and the other packages are only available for centos 7.
for centos 8, your only choice, is to use spamassassin for processing SPF and DKIM. This of course is not a real solution of DKIM because your outgoing emails can't be signed. I am waiting for centos 8.1 and updated packages from EPEL-8 but nothing has been released so far.
about postfix and spamassassin, I use this main.cf template and this master.cf template. You may pick whatever is suitable for your setup.
--
R.I.P. CentOS
--
R.I.P. CentOS
--
-
mikey13974
- Posts: 6
- Joined: 2013/05/29 08:01:08
Re: Postfix SPF Support
Well drat. I just noticed CentOS 8 was out and immediately worked myself up into a gleeful installation-frenzy. I have three VPSes and two VM's running it now, with alllllllllll my services already loaded, configured, backed up, checked for backups, etc.
I guess I'll just have to ride it out now and hope they don't suddenly skip to CentOS 9 for some reason. Heh.
I guess I'll just have to ride it out now and hope they don't suddenly skip to CentOS 9 for some reason. Heh.