postifx setting for reference
Posted in Daily on May 27th, 2015 by Banbanlihttp://www.postfix.org/SMTPD_ACCESS_README.html
Getting selective with SMTP access restriction lists
Postfix allows you to specify lists of access restrictions for each stage of the SMTP conversation. Individual restrictions are described in the postconf(5) manual page.
Examples of simple restriction lists are:
/etc/postfix/main.cf: # Allow connections from trusted networks only. smtpd_client_restrictions = permit_mynetworks, reject # Don't talk to mail systems that don't know their own hostname. # With Postfix < 2.3, specify reject_unknown_hostname. smtpd_helo_restrictions = reject_unknown_helo_hostname # Don't accept mail from domains that don't exist. smtpd_sender_restrictions = reject_unknown_sender_domain # Relay control (Postfix 2.10 and later): local clients and # authenticated clients may specify any destination domain. smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination # Spam control: exclude local clients and authenticated clients # from DNSBL lookups. smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, # reject_unauth_destination is not needed here if the mail # relay policy is specified under smtpd_relay_restrictions # (available with Postfix 2.10 and later). reject_unauth_destination reject_rbl_client zen.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org # Block clients that speak too early. smtpd_data_restrictions = reject_unauth_pipelining # Enforce mail volume quota via policy service callouts. smtpd_end_of_data_restrictions = check_policy_service unix:private/policy