my opensmtpd config

smtpd.conf

pki mail-ng.hackerheaven.org cert "/etc/ssl/mail-ng.hackerheaven.org.fullchain.pem"
pki mail-ng.hackerheaven.org key "/etc/ssl/private/mail-ng.hackerheaven.org.key"

filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \
    disconnect "550 no residential connections"

# filter check_rdns phase connect match !rdns \
#    disconnect "550 no rDNS is so 80s"

#filter check_fcrdns phase connect match !fcrdns \
#    disconnect "550 no FCrDNS is so 80s"

filter senderscore \
    proc-exec "filter-senderscore -junkBelow 70 -slowFactor 5000"

filter rspamd proc-exec "filter-rspamd"

table aliases file:/etc/mail/aliases
table vdomains file:/etc/mail/domains.txt
table vusers file:/etc/mail/users.txt

listen on all tls pki mail-ng.hackerheaven.org \
    filter { check_dyndns, senderscore, rspamd }

listen on all port submission tls-require pki mail-ng.hackerheaven.org auth filter rspamd

action "local_mail" lmtp "/var/dovecot/lmtp" alias <aliases>
action "virtuals" lmtp "/var/dovecot/lmtp" virtual <vusers>
action "outbound" relay helo mail-ng.hackerheaven.org

match from any for domain <vdomains> action "virtuals"
match from src 10.133.0.0/16 for any action "local_mail"
match for local action "local_mail"

match from any auth for any action "outbound"
match for any action "outbound"