(I run a similar service to postini, but smaller. Probably lots smaller!)
Other tests that are good for rejection:
* Bogus Message-IDs.
(Validate the header is present and you're 99% of the way there.)
* Dialup range restrictions .
(Guess you've got that covered already via DNSRBL)
* Early-talker
(Machines that send conversation before waiting for the banner.)
* Make sure there is a Date: header.
(I do range testing on that; but many spam mails don't have it
c.f. message-id:)
* HELO checks
(I mostly look for helo $my_IP)
Hope that helps. Happy to provide more details on request; most of
my stuff is based upon qpsmtpd running ahead of exim4.
Steve
--
Managed Anti-Spam Service
http://mail-scanning.com/
