[opendmarc-users] postfix implementation

Scott Kitterman sklist at kitterman.com
Tue Jun 18 11:36:48 PDT 2013



Andreas Schulze <sca at andreasschulze.de> wrote:

>Am 18.06.2013 16:13 schrieb Birta Levente:
>> So how it recommended to implement with postfix?
>1. I define some macros in main.cf
>spf_milter       = inet:localhost:10000
>opendkim_milter  = inet:localhost:10001
>opendmarc_milter = inet:localhost:10002
>amavisd_milter   = inet:localhost:10003
>
>2. I attach them to my smtpd handling inbound traffic in master.cf
>smtpd      inet  n - - - - smtpd
>-o
>smtpd_milters=${spf_milter},${opendkim_milter},${opendmarc_milter},${amavisd_milter}
>
>submission inet  n - - - - smtpd
> -o milter_macro_daemon_name=ORIGINATING
>  # in opendkim.conf: MTA ORIGINATING
> -o smtpd_milters=${amavisd_milter},${opendkim_milter}
> -o smtpd_sasl_auth_enable=yes
> -o syslog_name=postfix/submission
>
>> Maybe using amavisd-new as milter?
>http://amavisd-milter.sourceforge.net/ runs fine!
>I attach my policybank_patch to select different amavisd-new policy
>banks by
>milter_macro_daemon_name.
>
>> But the problem is the spf verification. Which spf milter should I
>use?
>I use http://sourceforge.net/projects/smfs/files/smf-spf-2.0.2.tar.gz/
>with the attached patches it fit to my needs.
>
>> As I understand, I cannot use check_policy_service (with
>> pypolicyd-spf for example) in smtpd_recipient_restrictions because
>> is called after the milter.
>right, postfix check_policy_service does help nothing here.

Not true. 

Scott K


More information about the opendmarc-users mailing list