Originally Posted by falko
I'm using fail2ban together with Postfix and haven't had any problems.
Same for me. No problems so far.
Another benefit of fail2ban is that it will also help protect your sshd and other services as well.
I would add postgrey to your list and optionally spf if you plan to host virtual email domains.
I have a very low traffic mail site, but somehow a bogus address is on a spam list. As a result I was getting a bunch of activity to my domain catch all account due to a large number of postfix connects from spam bots. The majority of spam was getting caught by spamassassin, but still some got through and all the smapassassin activity was increasing my server load unnecessarily. Postgrey has handled this perfectly so far. Not one spam email has got through to be even analysed by spamassasin since I installed postgrey because the spam bots tend to only try once per spam run.
Similarly, there are already entries in my mail logs indicating that spf has rejected email due to spf failures and examining the entries gives me 99.9% certainty that they're bogus.