li...@lazygranch.com skrev den 2018-01-30 11:11:
It is easy enough just to whitelist your own domains from opendmarc,
but that would allow spoofed email to get through.
its simple to not accept forged senders in port 25 ?
for me i just check virtual alias senders in postfixadmin, poor manns
spf checker cant fail here
in port 465 / 587 do not accept useers that does not sasl auth, problem
solved
in opendmarc skip sasl auth users
in policyd-spf skip localhost ip, and maybe aswell mynetworks in postfix