assuming you got postfix up and running already
make sure you connect from a host that is NOT in
connect from a host that is not part of authorized SPF outbound
openssl s_client -starttls smtp -connect slackmx.nethence.com:25 ehlo std30.os3.su mail from:<firstname.lastname@example.org> rcpt to:<email@example.com> data lala . quit
==> expecting refused
first check that you can pass through
openssl s_client -starttls smtp -connect xc.nethence.com:25 #-crlf helo YOUR-TRUE-FQDN mail from:<> rcpt to:<> data ... .
then check that it’s truly enforced
telnet MX-SERVER-ADDRESS 25
mail from stage, you should get
530 5.7.0 Must issue a STARTTLS command first
from a client that does not resolves or reverse resolves, the message should NOT pass through
try to send a message remotely or from internal network and w/o SASL, while being in
mynetworks. since you are not one of the advertised MXes, the message should NOT pass through.
connect from an IP that should-be-blocked IP e.g. ADSL connection. your message should NOT pass through
should NOT pass through