I have working postfix server. It configured with amavis and uses pretty good SMTP headers control. But sometimes my users receive spam from spammers with well known mail service providers addresses. Like: @gmail.com @yahoo.com and others. Of course they send this spam from illegal servers but with correct DNS records (A and PTR) and EHLO headers. Sever can't deny this mail.
So, i don't want use rbl due false|positive. And i don't want to use greylisting due timeouts.
I want use SPF checking but only for mail from know domains. I know that domain have correct SPF record.
I know that 2 SPF daemons exist (policyd-spf-perl and policyd-spf-python) and they seems to don't have such functionality.
So my questions is: Is possible to check SPF record only for specific domains list?
Best Answer
Yes, you can
Take a look on the example of postfix SMTP Access Policy Delegation where it shows that you can enable greylisting from frequently forged domains. It uses
smtpd_restriction_classes
to achieves it.So you can use that case to satisfies your scenario