Hi,
was bei mir immernoch erstaunlich viel bringt ist greylisting (trotz postscreen, spamassassin etc.). Ich hab das aber sehr selektiv in Betrieb:
smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_unknown_sender_domain, permit_mynetworks, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unauth_destination, reject_unverified_recipient, check_client_access pcre:$config_directory/greylisting.pcre,
smtpd_restriction_classes = greylisting
greylisting = permit_dnswl_client list.dnswl.org, permit_dnswl_client swl.spamhaus.org, check_policy_service inet:127.0.0.1:10026
/etc/postfix/greylisting.pcre: # these look like IPs or are domain names with lots of labels /(-.+){4}$/ greylisting /(..+){4}$/ greylisting # these look like dynamically assigned hostnames /(^|[0-9.x_-])(abo|br(e|oa)dband|cabel|(hk)?cablep?|catv|cbl|cidr|d?client2?|cust(omer)?s?|dhcp|dial?(in|up)?|d[iu]p|[asx]?dsld?|dyn(a(dsl|mic)?)?|home|in-addr|modem(cable)?|(di)?pool|ppp|ptr|rev|static|user|YahooBB[0-9]{12}|c[[:alnum:]]{6,}(.[a-z]{3})?.virtua|[1-9]Cust[0-9]+|AC[A-Z][0-9A-F]{5}.ipt|pcp[0-9]{6,}pcs|S0106[[:alnum:]]{12,}.[a-z]{2})[0-9.x_-]/ greylisting # these do not have a matching hostname->rdns mapping /^unknown$/ greylisting # these are countries with higher than average spam appearance /.br$/ greylisting /.cn$/ greylisting /.hk$/ greylisting /.id$/ greylisting /.in$/ greylisting /.kz$/ greylisting /.ru$/ greylisting /.th$/ greylisting /.tw$/ greylisting /.ua$/ greylisting /.vn$/ greylisting
And then there is a postgrey instance running on 127.0.0.1:10026
hth André