I was hoping someone could take a quick glance at my smtpd_*_restrictions configurations. While I've read and (re-)read the SMTPD_ACCESS_README file a few times over I would be greatly appreciative if someone could sanity check my work.
The goal is, obviously, to (a) block spammers, (b) only allow relaying / sending to SASL-authorized users. -->8-- smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated check_policy_service unix:private/policy-spf reject_unauth_destination smtpd_recipient_restrictions = reject_non_fqdn_sender reject_unknown_sender_domain reject_non_fqdn_recipient reject_unknown_recipient_domain reject_non_fqdn_hostname reject_invalid_hostname reject_unauth_destination reject_unauth_pipelining reject_rbl_client zen.spamhaus.org reject_rbl_client bl.spamcop.net reject_rbl_client cbl.abuseat.org reject_rbl_client dnsbl.njabl.org reject_rbl_client dnsbl.sorbs.net reject_rhsbl_sender dsn.rfc-ignorant.org reject_rhsbl_sender blackhole.securitysage.com --8<-- An extra pair of eyes that could confirm things look good and things are as "locked down" as possible (both in terms of relaying *and* dealing with blacklisted IPs) would be greatly appreciated. Thanks!