Well, I'm trying to get rid of some useless traffic (what else). I already did some changes like these: Code: mime_header_checks=pcre:/etc/postfix/mime-header-checks delay_warning_time = 3h qmgr_fudge_factor = 70 message_size_limit = 51200000 queue_minfree = 102400000 bounce_size_limit = 30720 bounce_template_file = /etc/postfix/bounce.cf delay_warning_time = 30m bounce_queue_lifetime = 3d maximal_queue_lifetime = 3d default_recipient_limit = 300 default_destination_recipient_limit = 30 default_destination_concurrency_limit = 10 smtpd_helo_required = yes smtpd_delay_reject = yes disable_vrfy_command = yes strict_rfc821_envelopes = yes invalid_hostname_reject_code = 554 multi_recipient_bounce_reject_code = 554 non_fqdn_reject_code = 554 relay_domains_reject_code = 554 unknown_address_reject_code = 554 unknown_client_reject_code = 554 unknown_hostname_reject_code = 554 unknown_local_recipient_reject_code = 554 unknown_relay_recipient_reject_code = 554 unknown_sender_reject_code = 554 unknown_virtual_alias_reject_code = 554 unknown_virtual_mailbox_reject_code = 554 unverified_recipient_reject_code = 554 unverified_sender_reject_code = 554 [B]smtpd_client_restrictions =[/B] [B]smtpd_helo_restrictions =[/B] permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_non_fqdn_hostname, reject_invalid_hostname, reject_unauth_pipelining [B]smtpd_sender_restrictions =[/B] permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_pipelining [B]smtpd_recipient_restrictions =[/B] permit_sasl_authenticated, permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, check_policy_service inet:127.0.0.1:60000, permit which helped a lot to cut down my daily spam from 1000 to 10 without even having spamassassin to check all these mails. 1) That's correct? Would ISPConfig's spamassassin check the mail AFTER the above filters have been passed? 2) Are the smtpd_xyz_restrictions = lines setup with the right syntax? 3) Of course, there are still many mails that have to pass greylisting, so it's still work to do...however, could i harden these filters by putting in some lines that filter/reject out mails from countries I would never expect mail from? 4) Another leftover are the mails once a week (300 at once) that are rejected from other mailservers because my address firstname.lastname@example.org with the name max/karl/paul mustermann seems to be used in some big spam-mailing-lists, so it looks like email@example.com sends a mail to firstname.lastname@example.org (doesn't these mailservers check the origin correctly?) . I get the mailer daemon rejects like "Undelivered Mail Returned to Sender" and have no clue how to filter these out right away (probably not possible to check, if these are rejects for mails i sended = keep them and mails that where rejected by being spam?) 5) Actually, because of this traffic-testing right now i installed mailgraph yesterday (the old included debian etch package 1.2 with the newer .cgi from 1.4) and it seems to count a bit weird. My daily stat counts lets say 1000 rejects....then monthly there are about 800 and the count for the year is 0 ...is there something wrong in the package (.cgi is the same except for the layout)?