-4

How to restrict people to send emails from my email domain to reduce SPAM. We are using postfix in ubuntu. Is there any parameter which I can configure in main.cf to achieve this?

Any help will be really appreciated. Thanks

a3765910
  • 101
  • 1
  • 1
    @Iain: No it's not. The other question was misleading and this is why it got renamed and a new question was opened. – Julie Pelletier Aug 19 '16 at 07:30
  • @JuliePelletier It looks like exactly the same question text to me – user9517 Aug 19 '16 at 07:58
  • 2
    Can you please rephrase the question so that it asks how to protect yourself from people pretending from sending from your domain to make the question clearer and more distinct from the previous one? – Julie Pelletier Aug 19 '16 at 08:10
  • 1
    Agree with Julie. Reading the post Iain linked to (same OP) shows this is very poorly worded and Julie's answer is spot on. Ashutosh is in way over his head. Needs to go learn the basics (or hire someone with expertise in mail system setup). – user1521620 Aug 19 '16 at 08:17

1 Answers1

4

This is done by implementing different security solutions:

  • SPF: text DNS record for your zone that specifies what server is allowed to send from your domain; this is not restricting but major email providers will consider it in their spam analysis
  • DMARC: text DNS record that specifies how to deal with messages that fail SPF validation; there is a DMARC policy that tells the receiving MTA to reject those records, but it's usually wise to only report it at first to validate your configuration
  • DKIM: place an encrypted signature in each outgoing message; the public key is placed in a text DNS record which allows remote MTAs to validate the signature; this step implies minor PostFix configuration changes

Of course nothing can guarantee that all MTAs in the world will respect any or all of those instructions, but implementing them is definitely a step in the right direction and will probably solve your problem.

Note that I noticed, from your previous question, that your server doesn't have a PTR record and this will negatively affect your message deliverability, possibly causing them to be filtered as junk or rejected.

Julie Pelletier
  • 1,010
  • 7
  • 8
  • What should be the easiest among above techniques to implement? I will look for PTR record – a3765910 Aug 19 '16 at 06:25
  • SPF is easiest but also the least restrictive. Spammers and those that pretend to be you won't wait for you to learn before they send other emails from your domain. – Julie Pelletier Aug 19 '16 at 06:38