Postfix – don’t generate “unknown user” bounces if message is Spam

email-bounces postfix procmail

We receive a lot of spam addressed to (random) non-existing users. This causes postfix to generate "unknown user" bounces to the fake sender.

As a workaround I use a catch-all to redirect any mail to myself and manually forward mail in case of typos in the local_part.

I want postfix to drop spams to non-existing users and only bounce them when their spam score is below a threshold. That way people trying to send ham to non-existent users will get a notice and there would be less backscatter.

Here is the log file:

Sep 11 07:03:31 srv postfix/smtpd[27382]: connect from mailin.example.com[10.13.185.194]
Sep 11 07:03:31 srv postfix/smtpd[27382]: 563393847D: client=mailin.example.com[10.13.185.194]
Sep 11 07:03:31 srv postfix/cleanup[27386]: 563393847D: message-id=<20110911070326.3795.qmail@xyz.rostelecom.ru>
Sep 11 07:03:31 srv postfix/qmgr[1771]: 563393847D: from=<kjziswt@example.com>, size=5341, nrcpt=1 (queue active)
Sep 11 07:03:31 srv postfix/smtpd[27382]: disconnect from mailin.example.com[10.13.185.194]
Sep 11 07:03:33 srv postfix/pickup[26067]: C53A53851C: uid=115 from=<kjziswt@example.com>
Sep 11 07:03:33 srv postfix/cleanup[27386]: C53A53851C: message-id=<20110911070326.3795.qmail@xyz.rostelecom.ru>
Sep 11 07:03:33 srv postfix/pipe[27387]: 563393847D: to=<kn@sub.example.com>, relay=spamassassin, delay=2.5, delays=0.05/0.01/0/2.4, dsn=2.0.0, status=sent (delivered via spamassassin service)
Sep 11 07:03:33 srv postfix/qmgr[1771]: 563393847D: removed
Sep 11 07:03:33 srv postfix/qmgr[1771]: C53A53851C: from=<kjziswt@example.com>, size=3784, nrcpt=1 (queue active)
Sep 11 07:03:33 srv postfix/local[27392]: C53A53851C: to=<kn@sub.example.com>, relay=local, delay=0.25, delays=0.11/0.01/0/0.13, dsn=5.1.1, status=bounced (unknown user: "kn")
Sep 11 07:03:33 srv postfix/cleanup[27386]: F2879384E6: message-id=<20110911070333.F2879384E6@srv.sub.example.com>
Sep 11 07:03:34 srv postfix/bounce[27393]: C53A53851C: sender non-delivery notification: F2879384E6
Sep 11 07:03:34 srv postfix/qmgr[1771]: F2879384E6: from=<>, size=5665, nrcpt=1 (queue active)
Sep 11 07:03:34 srv postfix/qmgr[1771]: C53A53851C: removed
Sep 11 07:03:34 srv postfix/smtp[27394]: F2879384E6: to=<kjziswt@example.com>, relay=mailout.example.com[10.13.60.4]:25, delay=0.08, delays=0.04/0.01/0.01/0.02, dsn=2.0.0, status=sent (250 OK id=1R2e4j-0001L0-QU)
Sep 11 07:03:34 srv postfix/qmgr[1771]: F2879384E6: removed

Best Answer

Unfortunately, the server checks for an existing recipient (against the envelope recipient) before it ever sees the message. It's not possible to check if the message is spam.

The only things that come before this check are the "server helo" and "envelope from", which you could try to filter (SPF and rDNS lookups spring to mind immediately). You could also use RFC-Exploit Anti-Spam checks like Graylisting.
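To measure how much backscatter a setup like the one in the question produces, the unknown-user bounce chain in its log can be traced by queue ID. This is an added example, not part of the original question or answer; the function name `find_backscatter` and the regular expressions are assumptions, and the sample is a trimmed copy of the log lines quoted in the question.

```python
import re

# Constructed sample: four of the log lines quoted in the question.
SAMPLE_LOG = """\
Sep 11 07:03:33 srv postfix/local[27392]: C53A53851C: to=<kn@sub.example.com>, relay=local, delay=0.25, delays=0.11/0.01/0/0.13, dsn=5.1.1, status=bounced (unknown user: "kn")
Sep 11 07:03:34 srv postfix/bounce[27393]: C53A53851C: sender non-delivery notification: F2879384E6
Sep 11 07:03:34 srv postfix/qmgr[1771]: F2879384E6: from=<>, size=5665, nrcpt=1 (queue active)
Sep 11 07:03:34 srv postfix/smtp[27394]: F2879384E6: to=<kjziswt@example.com>, relay=mailout.example.com[10.13.60.4]:25, delay=0.08, delays=0.04/0.01/0.01/0.02, dsn=2.0.0, status=sent (250 OK id=1R2e4j-0001L0-QU)
"""

# service name, queue ID, and the remainder of a Postfix syslog line
LINE = re.compile(r"postfix/(?P<svc>[\w-]+)\[\d+\]: (?P<qid>[0-9A-F]+): (?P<rest>.*)")
UNKNOWN = re.compile(r"to=<(?P<rcpt>[^>]*)>.*status=bounced \(unknown user")
NDN = re.compile(r"sender non-delivery notification: (?P<ndn>[0-9A-F]+)")
SENT = re.compile(r"to=<(?P<to>[^>]*)>, relay=(?P<relay>[^,]+),.*status=sent")


def find_backscatter(log_text):
    """Return one record per unknown-user bounce that was sent out via smtp."""
    unknown = {}  # original queue ID -> non-existent recipient
    ndn_of = {}   # bounce message queue ID -> original queue ID
    hits = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        svc, qid, rest = m.group("svc", "qid", "rest")
        if svc == "local" and (u := UNKNOWN.search(rest)):
            # local(8) refused delivery: recipient does not exist
            unknown[qid] = u.group("rcpt")
        elif svc == "bounce" and qid in unknown and (n := NDN.search(rest)):
            # bounce(8) created a notification under a new queue ID
            ndn_of[n.group("ndn")] = qid
        elif svc == "smtp" and qid in ndn_of and (s := SENT.search(rest)):
            # the notification left the server: this is the backscatter
            orig = ndn_of[qid]
            hits.append({"orig_qid": orig, "bounce_qid": qid,
                         "unknown_rcpt": unknown[orig],
                         "bounced_to": s.group("to"),
                         "relay": s.group("relay")})
    return hits


if __name__ == "__main__":
    for hit in find_backscatter(SAMPLE_LOG):
        print(hit)
```

Counting these records per day before and after a configuration change shows whether fewer notifications are reaching forged senders.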