Eu faço uso de:
- smtpd_recipient_restrictions
- listas negras de DNS
- listas negras locais
- filtros de cabeçalho / corpo
Exemplo:
smtpd_recipient_restrictions = permit_mynetworks,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_destination,
check_policy_service unix:private/policy,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client psbl.surriel.com,
reject_rbl_client dnsbl.sorbs.net,
permit
A opção reject_non_fqdn_hostname
captura muitos servidores, mas sua milhagem pode depender muito de quem você recebe e-mails.