On a mailserver level there is one setting, that keeps out 90% of the spam for me. In postfix this setting is called "reject_unknown_client_hostname" or earlier "reject_unknown_client". Every connecting client must have an IP --> name mapping and a matching name---> IP mapping. Hijacked Windoze dial-in boxes and similar don't have that. Whatever the reason, on my server 90% of the ill traffic gets halted before it even gets near the spam filter. Of course the less discipined of your mailing friends might get caught on that one too, because the forward and reverse DNS Mapping of domains sometimes get out of sync, since they often reside on different nameservers. In these cases the somewhat more lenient
"reject_unknown_reverse_client_hostname" might be a wiser choice.
