reject mail when SPF test is incorrect for specific domain

Noel Butler noel.butler at
Wed May 4 02:56:37 CEST 2016

On 04/05/2016 09:30, Patrick Domack wrote:
> Quoting Noel Butler <noel.butler at>:
>> On 03/05/2016 18:02, Frédéric Goudal wrote:
>>>> Le 30 avr. 2016 à 04:02, Noel Butler <noel.butler at> a 
>>>> écrit :
>>>> On 30/04/2016 01:40, Frédéric Goudal wrote:
>>>>> Hello,
>>>>> I have searched for some time and have not found a solution for the
>>>>> following problem :
>>>>> - we do have a correct spf record for our domain
>>>>> - I would like to reject mail pretending to come from our domain
>>>>> Is there any way to do that with amavis ?
>>>>> f.g.
>>>> Better to do this at MTA level,looks like your using sendmail, so  
>>>> take a look at milter-spf and see if its still maintained.
>>> I was trying to avoid another layer in the mail filtering. I will try
>>> to use DMARK as Quanah said. I have already DKIM signing…
>>> But I had a look at milter-spf and the documentation is very very 
>>> light…
>> Nothing's changed then in 10 years :)
> Nothing should be changed, if your filtering after reception of the 
> email.
> If it is setup for before-queue, then sure, amavis will do it just
> fine. I have no idea if amavis + sendmail are able to do before-queue
> though, I stopped using sendmail in 2005.

For before queue, its best to be dealth wityh in MTA, before it gets to 
amavis, as we know with postfix its easy, sendmail is a bit of messing 
around because you need to make sure you own hosts can actually pass, 
but we cant suggest change in MTA's since they may have a sendmail tied 
backed (cyrus etc) and that would be unreasonable for something so 

If you have the urge to reply to all rather than reply to list, you best
first read

More information about the amavis-users mailing list