Este é o problema que o SPF resolve, e você pode integrá-lo no Postfix com um dos dois daemons de validação do SPF para o Postfix . A versão do Python é provavelmente a melhor escolha.
A instalação irá variar um pouco dependendo da sua distribuição Linux, mas em geral você fará o que está no tutorial do Ubuntu:
In /etc/postfix/main.cf you will need to add the following line (it doesn't matter where, usually they get added to the end.
policy-spf_time_limit = 3600s
This changed the ups the policy time limit so the policy server won't time out while a message is still being processed.
Add this section to /etc/postfix/master.cf for the Python script
policy-spf unix - n n - - spawn user=nobody argv=/usr/bin/policyd-spf
or for the Perl script policy-spf unix - n n - - spawn user=nobody argv=/usr/sbin/postfix-policyd-spf-perl
Finally, you need to add the policy service to your smtpd_recipient_restrictions in file /etc/postfix/main.cf:
smtpd_recipient_restrictions = ... permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/policy-spf ...
Note: Put the policy service after reject_unauth_destination to prevent unexpected responses from the policy service from making your system an open relay (this is recommended for all policy services). Moreover, put the policy service after you permit local senders. You only want SPF to check inbound mail from the internet, not outbound mail from your users.