In this post, I’ll share the configuration file I use for Postfix installations and highlight some of the directives I use to combat incoming SPAM. If you want to use it, go ahead.
nano /etc/postfix/main.cf 
| smtpd_helo_required = yes | Require that a remote SMTP client introduces itself with the HELO or EHLO command before sending the MAIL command. |
| smtpd_delay_reject = yes | Log recipient address information when rejecting a client name/address or sender address. |
| strict_rfc821_envelopes = yes | Require that addresses received in SMTP MAIL FROM and RCPT TO commands are enclosed with <>, and that those addresses do not contain RFC 822 style comments or phrases. |
smtpd_recipient_restrictions
I also use the following access restrictions that the Postfix SMTP server applies in the context of the RCPT TO command:
| reject_invalid_helo_hostname | Reject requests when the HELO or EHLO hostname is malformed. |
| warn_if_reject reject_unknown_helo_hostname | Reject requests when the HELO or EHLO hostname has no A / MX record. |
| warn_if_reject reject_non_fqdn_helo_hostname | Reject request when the HELO or EHLO hostname is not in fully-qualified domain or address literal form. |
| warn_if_reject reject_unknown_reverse_client_hostname | Reject requests when the client IP address has no address. |
| reject_unknown_sender_domain | Reject requests when Postfix is not final destination for the sender address, and the MAIL FROM domain has no MX / A record. |
| reject_unknown_recipient_domain | Reject requests when Postfix is not final destination for the recipient domain, and the RCPT TO domain has no MX / A record. |
| reject_non_fqdn_sender | Reject requests when the MAIL FROM address is not an FQDN. |
| reject_non_fqdn_recipient | Reject requests when the RCPT TO address is not an FQDN. |
