Also manage Reject_Not_Pass_Domains.

This commit is contained in:
Andrea Dell'Amico 2021-12-05 16:35:33 +01:00
parent 5193048476
commit 8936990a19
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
2 changed files with 8 additions and 0 deletions

View File

@ -93,10 +93,14 @@ postfix_spf_policy_helo_reject: 'SPF_Not_Pass'
# Mail_From_reject = Fail - Reject on Mail From Fail (default)
# Mail_From_reject = False - Never reject/defer on Mail From, append header only
# Mail_From_reject = No_Check - Never check Mail From/Return Path.
# * It is recommended to keep the default value, and manage specific cases setting
# postfix_spf_policy_reject_not_pass_domains
postfix_spf_policy_mail_from_reject: 'Fail'
# CIDR notation, 192.168.0.0/31,192.168.1.12
postfix_spf_policy_whitelist: ''
postfix_spf_policy_domain_whitelist: ''
# Using this option, a list of domains can be defined for special processing when messages do not Pass SPF. This can be useful for commonly spoofed domains that are not yet publishing SPF records with -all. Specifically, if mail from a domain in this list has a Neutral/Softfail result, it will be rejected (as if it had a Fail result). If needed, it is better to do it on a per-domain basis rather than globally. es: 'gmail.com,aol.com,hotmail.com'
postfix_spf_policy_reject_not_pass_domains: ''
postfix_spf_policy_lookup_time: 20
postfix_spf_policy_void_limit: 2

View File

@ -16,5 +16,9 @@ Whitelist = {{ postfix_spf_policy_whitelist }}
{% if postfix_spf_policy_domain_whitelist != '' %}
Domain_Whitelist = {{ postfix_spf_policy_domain_whitelist }}
{% endif %}
{% if postfix_spf_policy_reject_not_pass_domains != '' %}
Reject_Not_Pass_Domains = {{ postfix_spf_policy_reject_not_pass_domains }}
{% endif %}
Lookup_Time = {{ postfix_spf_policy_lookup_time }}
Void_Limit = {{ postfix_spf_policy_void_limit }}