Date: 2021jan28 OS: Linux Q. Postfix: quick Postscreen setup A. Postscreen is a great way to cut down on spam. This worked for me. In /etc/master.cf: Comment out:

# smtp inet n - n - - smtpd # -o parameter=value

Uncomment:

smtp inet n - n - 1 postscreen smtpd pass - - n - - smtpd -o parameter=value dnsblog unix - - n - 0 dnsblog tlsproxy unix - - n - 0 tlsproxy

In /etc/main.cf add:

postscreen_access_list = permit_mynetworks postscreen_dnsbl_threshold = 2 postscreen_dnsbl_sites = zen.spamhaus.org*2 bl.spamcop.net*1 b.barracudacentral.org*1 postscreen_dnsbl_action = enforce postscreen_blacklist_action = enforce postscreen_greet_action = enforce postscreen_pipelining_enable = yes postscreen_pipelining_action = enforce postscreen_non_smtp_command_enable = yes postscreen_non_smtp_command_action = enforce postscreen_bare_newline_enable = yes postscreen_bare_newline_action = enforce

You could actually start with no postscreen options in main.cf to be conservative then add them slowly. Remove any reject_rbl_client lines since they aren't necessary any more

smtpd_client_restrictions = permit_mynetworks, ... # reject_rbl_client bl.spamcop.net,

Reload:

# postfix reload

Watch the logs, make sure mail is still flowing More detailed description: http://www.postfix.org/POSTSCREEN_README.html