I run postfix on this server to hustle mail pieces to and from rickysquid.org.
The default postfix settings are pretty secure, but before I really hardened my
instances' config, lo, I was used as a spammer gateway and ended up on a spammer list
(SORBS, if you are curious). Google, Outlook, and the like
check these lists and so I was blocked from sending to all my Gmail and Office 365 homies.
Getting a domain removed from this list actually wasn't too bad, but still I am
now paranoid about ending up on there again. I have tried to make every adjustment necessary (strictest possible relay/recipient/sender restrictions, use of TLS).
Also I just now put smtpd_client_auth_rate_limit = 1 in my main.cf file
to limit AUTH attempts to 1 per minute and I'm already seeing brute-force
fools hitting this limit in my logs.
Speaking of logs - I am now using pflogsumm to get sanity checks on my mail server logs. It is a Perl script that parses the /var/log/mail.log file and produces a nice text report.
The following line in my crontab file runs pflogsumm every night and sends me (ricky) an email of the output.
Please note the above is one line (broken by terminal size), as in
08 04 * * * /usr/local/bin/pflogsumm.pl -d yesterday /var/log/mail.log 2>&1 | /usr/bin/mailx -s "daily mail stats" ricky
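
To see which clients are tripping the smtpd_client_auth_rate_limit setting mentioned earlier, the sketch below tallies the rate-limit warnings per client IP. It is an added example, not part of the original post or of pflogsumm; the warning wording in the regex is an assumption to check against your own /var/log/mail.log, the sample lines are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Assumed wording of the smtpd warning; confirm it against your own mail.log.
RATE_RE = re.compile(
    r"postfix/(?:[\w-]+/)?smtpd\[\d+\]: warning: AUTH command rate limit "
    r"exceeded: (?P<rate>\d+) from \S*?\[(?P<ip>[0-9A-Fa-f:.]+)\]"
)

# Constructed sample lines using documentation address ranges.
SAMPLE_LOG = """\
Mar  3 04:01:12 mx postfix/smtpd[2211]: connect from unknown[203.0.113.7]
Mar  3 04:01:13 mx postfix/smtpd[2211]: warning: AUTH command rate limit exceeded: 2 from unknown[203.0.113.7] for service smtp
Mar  3 04:01:15 mx postfix/smtpd[2211]: warning: AUTH command rate limit exceeded: 3 from unknown[203.0.113.7] for service smtp
Mar  3 04:02:40 mx postfix/submission/smtpd[2300]: warning: AUTH command rate limit exceeded: 2 from mail.example.net[198.51.100.23] for service submission
Mar  3 04:03:02 mx postfix/smtpd[2211]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: authentication failure
Mar  3 04:05:19 mx postfix/smtpd[2419]: warning: AUTH command rate limit exceeded: 2 from unknown[2001:db8::5] for service smtp
"""


def auth_limit_hits(lines):
    """Return {ip: (hit_count, highest_rate_seen)} for AUTH rate-limit warnings."""
    hits = Counter()
    peak = {}
    for line in lines:
        m = RATE_RE.search(line)
        if not m:
            continue  # ordinary traffic and plain SASL failures are ignored
        ip = m.group("ip")
        hits[ip] += 1
        peak[ip] = max(peak.get(ip, 0), int(m.group("rate")))
    return {ip: (n, peak[ip]) for ip, n in hits.items()}


def repeat_offenders(lines, min_hits=2):
    """IPs that tripped the limit at least min_hits times, busiest first."""
    stats = auth_limit_hits(lines)
    return sorted(
        (ip for ip, (n, _) in stats.items() if n >= min_hits),
        key=lambda ip: (-stats[ip][0], ip),
    )


if __name__ == "__main__":
    for ip, (n, rate) in sorted(auth_limit_hits(SAMPLE_LOG.splitlines()).items()):
        print(f"{ip}\t{n} hits\tpeak {rate} AUTH per time unit")
```

To run it on the real log, pass the lines of an open /var/log/mail.log file handle instead of SAMPLE_LOG.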