This shows you the differences between two versions of the page.
- | Both sides previous revision Previous revision Next revision |
- | system:annoyances [2021-04-27T07:12:16+0000] michael_paoli |
---|---|
+ | Previous revision Next revision Both sides next revision |
+ | system:annoyances [2021-04-27T07:43:43+0000] michael_paoli |
@@ Line -545,3 +545,32 @@ | |
sflug.org. 86400 IN TXT "v=spf1 -all" | |
SPF version 2 could be good/better ... but later, not a top priority. | |
</file> | |
<file> | |
So, let's look into enabling SPF checking upon receipt of incoming ... | |
I also noticed what looks like something about a daemon - which may be preferable for large volumes/streams of incoming ... | |
let's look at documentation bit more ... | |
$ man spfd.mail-spf-perl | |
$ systemctl list-unit-files | fgrep spf | |
$ | |
So, nothin' in systemd unit files nor exim4 config that supports the spf daemon, so doing that would mean fair bit more manual configuring. | |
For now let's presume spfquery (non-daemonized) is quite "good enough" for now - we can change later if we need to. | |
So ... let's configure that ... | |
added ...: | |
# tail -n 1 conf.d/main/000_localmacros | |
CHECK_RCPT_SPF = true | |
# systemctl restart exim4.service | |
# That should be enough for that to now be operational - that should stop >> 50% of the incoming spam (attempts). Should see results in logs | |
quite soon (if not already). | |
</file> | |
<file> | |
Not seeing an SPF failure in the logs ... quite yet. | |
Let's test something that should fail ... | |
Drats - test made it through, even though the config should'a rejected it. | |
Oh, let's also add berkeleylug.com to the email domains, so that should work. | |
# DEBIAN_PRIORITY=medium dpkg-reconfigure exim4-config | |
# systemctl start exim4.service | |
Let's try sending to postmaster@berkeleylug.com | |
and yes, that got delivered fine. | |
So ... why is SPF check not working? | |
</file> |