Im in the process of setting up a SMTP server for a few of my domains and obviously trying to reduce the current huge amount of spam im getting through.
As well as running Spam Assassin i've put a lot of restrictions on the actual Postfix SMTP end along with greylisting.
Its had a big effect in reducing the spam getting into the network (and after SA just about 0% gets through untagged) but im a little nervous i may have gone too far and possibly harm normal mail.
As far as i can tell all the restrictions i've added comply with RFC guidelines for what a MX should have but wondering if someone can just confirm that or suggest extras to add ?
Im using Postfix & Postgrey and my config currently reads like:
smtpd_sender_restrictions = reject_non_fqdn_sender,
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
# reject_unknown_client_hostname, <-- i have seen one incidence of a genuine mail being rejected by this
check_policy_service inet:127.0.0.1:60000, <--- This is postgrey
Are any of the lines in there likely to accidentally exclude a perfectly compliant mail server or alternatively, is there anything else i can add to help reduce spam whilst preserving genuine mails?
Would it help at all altering the order of those tests around?