BCP is Best Current Practice, which for email includes at least having Forward-confirmed reverse DNS for mailserver hostname (with the same FQDN in EHLO hostname), SPF, DKIM, DMARC.
I'm sure most people here know about DMARC but there are still a lot of mail senders which either have no DMARC record, or send some messages in a way that either DKIM or SPF or even both fail, or have a syntax error in SPD/DKIM/DMARC DNS records.
On top of this it is good to ensure that your servers doesn't generate email backsatter when possible. Send rate limits is a simple but rarely enforced by small servers way to limit amount of spam which can be send if user credentials or web-app hosted on the same server are compromised.
I'm sure most people here know about DMARC but there are still a lot of mail senders which either have no DMARC record, or send some messages in a way that either DKIM or SPF or even both fail, or have a syntax error in SPD/DKIM/DMARC DNS records.
On top of this it is good to ensure that your servers doesn't generate email backsatter when possible. Send rate limits is a simple but rarely enforced by small servers way to limit amount of spam which can be send if user credentials or web-app hosted on the same server are compromised.