While I know there are plenty of documents on how to defeat spam with Postfix and various tools, I’m still quite amazed at how effective two options are. They are:
1 2 3 4 5
Now the cidr: line isn’t necessary above, but it’s handy if you want to shut down a whole IP block. The above two configurations have dropped the spam abuse on one of the servers I manage from about 90 or so a day, down to about 25. I was considering adding spamcop.net to the above RBLs, however, they’ve been known to blacklist SourceForge’s servers on a regular basis.