Install the package with:

dnf install postfix

Edit /etc/postfix/main.cf. Consult http://www.postfix.org/BASIC_CONFIGURATION_README.html for the set of basic options.

systemctl start postfix
firewall-cmd --permanent --add-service=smtp
firewall-cmd --reload

After setting up proper MX and SPF records on your DNS server, you should now be able to send and receive emails. Emails will be stored under /var/spool/mail. You can also use the /var/mail symlink to access it.

For simplicity I installed mailx to send and receive emails on the machine.

dnf install mailx
mailx

To check Postfix logs: (remove f to not follow)

journalctl -fu postfix

To enable Postfix on next boot:

systemctl enable postfix

dnf install postfix-perl-scripts
pflogsumm -d today /var/log/maillog --problems-first --rej-add-from --verbose-msg-detail

Reference: https://www.linuxbabe.com/mail-server/block-email-spam-postfix

Install pypolicyd-spf:

dnf install pypolicyd-spf

Prepare a user account for it:

useradd -r policyd-spf
usermod -L policyd-spf
usermod -s /sbin/nologin policyd-spf
usermod -d / policyd-spf

Append to /etc/postfix/master.cf:

policy-spf unix -	n	n	-	-	spawn
	user=policyd-spf
	argv=/usr/libexec/postfix/policyd-spf

Append to /etc/postfix/main.cf:

strict_rfc821_envelopes = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
	permit_sasl_authenticated
	reject_non_fqdn_helo_hostname
	reject_unknown_helo_hostname
smtpd_sender_restrictions = permit_mynetworks
	permit_sasl_authenticated
	reject_unknown_sender_domain
	reject_unknown_reverse_client_hostname
	reject_unknown_client_hostname
smtpd_recipient_restrictions = reject_unauth_destination
	check_policy_service unix:private/policy-spf

Running journalctl -fu postfix to check there is a log line for policyd-spf when you receive an email.

Jan 24 00:14:38 openhsc.org policyd-spf[3159]: prepend Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=xxx; helo=xxx; envelope-from=xxx; receiver=<UNKNOWN>