On 26 Nov 2018, at 17:08, Noel Jones wrote:
On 11/26/2018 2:00 PM, Roberto Carna wrote:
Dear Noel, thanks for your help.
In the case of rejecting incoming mail from my own domain, do I have
to use just SPF? Or is it possible to use an ACL defined in main.cf
<http://main.cf> ?
Thanks again, good bye !!!
Yes, you can find examples on google. SPF is the accepted way to
deal with it.
Another option with added benefits is to use a submission (port 587
and/or 465) daemon and require users to authenticate on and never use
port 25 for submission. Then you can simply prohibit external clients
using sender addresses in your own domain on port 25. Note that this has
failure modes that might be solvable with SPF if you have known
legitimate external sources of inbound mail using your domain in sender
addresses.
--
Bill Cole
