fleshless.org No. You move.

Make postfix check SPF records.

I've recently noticed that my mail server wasn't checking SPF records and decided to fix that. Turns out postfix can't do that natively, only with an external command. I chose postfix-policyd-spf-perl as my external SPF checker. Randomly.

Howto, at least for Arch

Install postfix-policyd-spf-perl from AUR.

Add to the end of /etc/postfix/master.cf:

policy  unix  -       n       n       -       -       spawn
	user=postfix-external argv=/usr/lib/postfix/postfix-policyd-spf-perl

The leading tab is important.

Add to smtpd_recipient_restrictions in /etc/postfix/main.cf:

check_policy_service unix:private/policy,

Do that after reject_unauth_destination, not before.

Check the logs, it should be checking SPF records now.