Postfix SPF Option

[srg]

Hey guys. I'm running postfix-2.11.1,1 built from ports on FreeBSD 10.0-RELEASE. The port has an option to support SPF via libspf2. I enabled the option. However, I can't figure out how to get it working in Postfix.

Reading mail/postfix's Makefile, enabling the SPF option fetches a patch from http://distcache.freebsd.org/local-distfiles/mm/postfix-2.8.0-libspf2-1.2.x-0.patch.gz.

Reading that patch file, the patch adds some sender restrictions, as well as adds a "Received-SPF:" header. I added a few options to my /usr/local/etc/postfix/main.cf from the patchfile:

spf_received_header = yes
spf_mark_only = yes
spf_reject_code = 550
spf_global_whitelist = no

I restarted postfix, then sent myself some mail from a Gmail account. The Received-SPF: header was not in those test emails. Am I missing something?

Thank you for the tips/advice/help!

 

[wblock@]

SPF does not detect spam, just forged domains. And spammers do use it, but not all of them.

 

[srg]

SPF does not detect spam, just forged domains. And spammers do use it, but not all of them.

I do understand that and how SPF works. I ran SPF, DKIM, and A/V checking in the past through security/amavisd-new with security/clamav and mail/spamassassin. However, due to the high maintenance requirements when upgrading Perl, I decided to uninstall them for the time being and rely on postfix's sender restrictions and mail/maildrop for a bit of elementary filtering. This is a very low volume email system. I planned on using maildrop to read the Received-SPF: header and filtering based on that. It may or may not help, but we'll see once I do it

It seemed to me that the SPF option/patch wasn't having an affect. I was just wondering if I was missing something in the configuration.

 

[wblock@]

mail/maildrop can certainly do that. I do something similar with mail/bogofilter. In .mailfilter, it runs bogofilter, then tests the added header to decide what to do with the message.

 

[srg]

mail/maildrop can certainly do that. I do something similar with mail/bogofilter. In .mailfilter, it runs bogofilter, then tests the added header to decide what to do with the message.

It seems that you're missing my problem. I have mail/postfix configured and installed with the SPF patch. However, the Received-SPF: header not present in emails from domains that do have a SPF record (such as GMail). My conclusion is that either the patch is not working correctly and needs to be fixed or removed from the port, or I am blindly missing a (non-documented?) configuration option to enable it. I have already searched /var/log/mail.log for any SPF- or DNS-related errors to no avail.

 

[wblock@]

Sorry, just responding to parts of the question that I can address.