Keeping own mail server can be rather painful because of spam. Very good spam fighting techniques can be found on ACME website.
My setup and techniques are following:
stargrave.org mail is handled by 10 mailfake0.stargrave.org. stargrave.org mail is handled by 40 mailfake2.stargrave.org. stargrave.org mail is handled by 30 mail2.stargrave.org. stargrave.org mail is handled by 20 mailfake1.stargrave.org.
mailunexistent domains exist, have an address, but no daemon listens on them. Most robots will connect only to the first MX.
disable_vrfy_command = yes strict_rfc821_envelopes = yes smtpd_helo_required = yes smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_pipelining, # Do not allow PIPELINE at all reject_non_fqdn_helo_hostname, # Reject HELO with non FQDN reject_invalid_helo_hostname, # Reject malformed HELO reject_unauth_destination, # Reject unknown destination reject_unknown_client_hostname, # check IP->name mapping, # check name->address mapping, # check name->address match check_policy_service inet:127.0.0.1:10023, # Greylist check_policy_service unix:private/spf-policy # SPF smtpd_client_restrictions = sleep 5, reject_unauth_pipelining smtpd_delay_reject = no # Some mail are rejected at all from some domains smtpd_sender_restrictions = hash:/usr/local/etc/postfix/access
maildroprules that places mail directly into /dev/null, or spam folder. I check spam folder once or twice a week and quickly wipe it if visually it have obvious spam. For me it is easier to maintain
maildropconfiguration from time to time, than work with SpamAssassin again.