I suggest adding the option to enable an RBL service such as:
NOTE: This is from my non-ebox server (just an example).
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination,
reject_unknown_recipient_domain,
reject_unauth_destination,
check_sender_access hash:/etc/postfix/access,
check_helo_access hash:/etc/postfix/helo_checks,
reject_rbl_client zen.spamhaus.org,
permit
Not everyone will want to enable this, but the option would be nice.