Hi, I'm currently fine-tuning my mail server (Postfix and Dovecot on CentOS 7). SPF, DKIM and DMARC work fine, now I'd like to limit the spam tsunami. Besides the official Postfix documentation, I've read a few articles about Postfix spam restrictions, namely these : https://www.linuxbabe.com/mail-server/block-email-spam-postfix https://wiki.centos.org/HowTos/postfix_restrictions After some experimenting, here's what I currently have on my test server: --8<----- /etc/postfix/main.cf ----------------------------- ... smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, check_helo_access hash:/etc/postfix/helo_access reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/sender_access, reject_unknown_sender_domain, reject_unknown_reverse_client_hostname, reject_unknown_client_hostname smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_client_access hash:/etc/postfix/rbl_override, reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rbl_client zen.spamhaus.org --8<-------------------------------------------------------- Before committing this configuration to my main server, I thought I'd share this configuration on the list. Maybe the Postfix gurus among you have the odd comment to make. My aim is simply to eliminate as much spam as possible (that is, before adding SpamAssassin) while keeping false positives to a minimum. Any suggestions ? Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Site : https://www.microlinux.fr Mail : info at microlinux.fr Tél. : 04 66 63 10 32 Mob. : 06 51 80 12 12