In this post, I’ll share the configuration file I use for Postfix installations and highlight some of the directives I use to combat incoming SPAM. If you want to use it, go ahead.
|smtpd_helo_required = yes
|Require that a remote SMTP client introduces itself with the HELO or EHLO command before sending the MAIL command.
|smtpd_delay_reject = yes
|Log recipient address information when rejecting a client name/address or sender address.
|strict_rfc821_envelopes = yes
|Require that addresses received in SMTP MAIL FROM and RCPT TO commands are enclosed with <>, and that those addresses do not contain RFC 822 style comments or phrases.
I also use the following access restrictions that the Postfix SMTP server applies in the context of the RCPT TO command:
|Reject requests when the HELO or EHLO hostname is malformed.
|Reject requests when the HELO or EHLO hostname has no A / MX record.
|Reject request when the HELO or EHLO hostname is not in fully-qualified domain or address literal form.
|Reject requests when the client IP address has no address.
|Reject requests when Postfix is not final destination for the sender address, and the MAIL FROM domain has no MX / A record.
|Reject requests when Postfix is not final destination for the recipient domain, and the RCPT TO domain has no MX / A record.
|Reject requests when the MAIL FROM address is not an FQDN.
|Reject requests when the RCPT TO address is not an FQDN.