The service is not enabled by default.  Enable it by doing the following:

1. Add the following to /etc/postfix/master.cf:

	spf-policy unix -       n       n       -       0       spawn
	  user=nobody argv=%%PREFIX%%/libexec/postfix-policyd-spf-perl

   The user nobody is fine if you have no other daemons running as nobody.
   Otherwise, you should use a dedicated user and group for this policy
   service.

2. Add "spf-policy_time_limit = 3600" to main.cf.

3. Configure the Postfix policy service in %%PREFIX%%/etc/postfix/main.cf:

	smtpd_recipient_restrictions =
		...
		reject_unauth_destination
		...
		check_policy_service unix:private/spf-policy
		...

   NOTE: Specify check_policy_service AFTER reject_unauth_destination or your
   system may become an open relay.

4. Restart Postfix.