How to enable DKIM and SPF checks on inbound messages


SPF and DKIM is configured for your domains so the message you send have that protections enabled. But for received messages, DKIM or SPF is not enforced meaning the server accept all message including those that fails on any or both of this categories.

It might be a nice improvement to set this check as an option I think. I receive spoofing messages and lots of spam, so I think this can at least improve a bit the situation.

If it is not going to be an option, should I proceed on my own enabling this for postfix following standard ubuntu+postfix guidelines or may you suggest any procedure for that?


this would be a nice option if domain based. "Domain a checks it, “Domain B” doesn’t check it and so on.

Some users wants all their mail and a missing email is a missed opportunity. On the other hand, 3 spams less a day saves some anoying time.

I don’t think you need to keep track of who enforces and who does not because that’s exactly what DMARC is for. It tells you whether a domain wants messages to be rejected if those tests fail.

You could I guess add this as a kind of override if you wanted to add your own controls for domains that don’t have published DMARC records, but that seems like a lot of effort when there’s a perfectly good mechanism already available and is in the hands of the domain owner.

This topic was automatically closed after 61 days. New replies are no longer allowed.