[opendmarc-users] postfix implementation

Andreas Schulze sca at andreasschulze.de
Tue Jun 18 11:29:27 PDT 2013

Am 18.06.2013 16:13 schrieb Birta Levente:
> So how it recommended to implement with postfix?
1. I define some macros in main.cf
spf_milter       = inet:localhost:10000
opendkim_milter  = inet:localhost:10001
opendmarc_milter = inet:localhost:10002
amavisd_milter   = inet:localhost:10003

2. I attach them to my smtpd handling inbound traffic in master.cf
smtpd      inet  n - - - - smtpd
 -o smtpd_milters=${spf_milter},${opendkim_milter},${opendmarc_milter},${amavisd_milter}

submission inet  n - - - - smtpd
 -o milter_macro_daemon_name=ORIGINATING
  # in opendkim.conf: MTA ORIGINATING
 -o smtpd_milters=${amavisd_milter},${opendkim_milter}
 -o smtpd_sasl_auth_enable=yes
 -o syslog_name=postfix/submission

> Maybe using amavisd-new as milter?
http://amavisd-milter.sourceforge.net/ runs fine!
I attach my policybank_patch to select different amavisd-new policy banks by

> But the problem is the spf verification. Which spf milter should I use?
I use http://sourceforge.net/projects/smfs/files/smf-spf-2.0.2.tar.gz/
with the attached patches it fit to my needs.

> As I understand, I cannot use check_policy_service (with
> pypolicyd-spf for example) in smtpd_recipient_restrictions because
> is called after the milter.
right, postfix check_policy_service does help nothing here.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smf-spf-2.0.2.patches.tar.gz
Type: application/octet-stream
Size: 2750 bytes
Desc: not available
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20130618/fcec6112/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: policybank.patch
Type: text/x-diff
Size: 4981 bytes
Desc: not available
URL: <http://www.trusteddomain.org/pipermail/opendmarc-users/attachments/20130618/fcec6112/attachment-0001.patch>

More information about the opendmarc-users mailing list