To send emails with Postfix, a few things have to be considered. These are either defined in RFCs or generally useful. 1. matching reverse DNS RFC1912 requires that the PTR record and the A record in DNS match. On the one hand it shows that the administrator understands the RFCs, […]
I use SPF records for many years. My implementation of SPF records in ISPConfig occurred to me to point out the advantages again. SPF is an authentication method that is stored in the DNS. This entry specifies which server can send mail for a particular domain. And why do I […]
Perfect Forward Secrecy (PFS) is a data encoding property that ensures the integrity of a session key in the event that a long-term key is compromised. PFS accomplishes this by enforcing the derivation of a new key for each and every session. Setup Dovecot Dovecot (at least from 2.1.x) already […]
With postfix and cron delivery of new mail messages may be certain times quite easily prevented. It can for example be prevent from that emails are delivered via push to inopportune times to a user. Add a hash-table in /etc/postfix/main.cf to smtpd_recipient_restrictions: check_recipient_access hash:/etc/postfix/hold In the file /etc/postfix/hold all domains […]
To send outgoing mail with postfix for certain domains only over IPv6 or IPv4, only a few changes are required. The domains are registered in accordance /etc/postfix/transport examplev4.de smtp-ipv4-only: examplev6.de smtp-ipv6-only: /etc/postfix/master.cf: smtp-ipv4-only unix – – n – – smtp -o inet_protocols=ipv4 smtp-ipv6-only unix – – n – – smtp -o inet_protocols=ipv6 /etc/postfix/main.cf: transport_maps = hash:/etc/postfix/transport: Execute postmap hash:/etc/postfix/transport and […]
To prevent faked sender-adresses i recommend to use Sender Policy Framework (see www.openspf.org/Introduction). You can easily add the SPF-Modul from openspf.org to postfix. You need these three perl-modules Mail::SPF Net::DNS::Resolver::Programmable NetAddr::IP After installing the requied modules, get the SPF-modul from here. Extract the archiv and copy postfix-policyd-spf-perl to /usr/lib/postfix kopiert. […]
I use postscreen postscreen to prevent spam mails. Potential spam messages are rejected directly before they reach the server and the content must be scanned. You shouldn´t use postscreen if a Mail-User-Agents (MUAs) should be able to connect. Usually the TCP-Port 25 is only used for Mail-Transfer-Agents (MTAa) since MUAs […]