Hi Bob! I think all you need to do is head over to Settings>Antispam and configure the Content Filter Bouncing drop down menu to reflect Require message pass SPF. That should help prevent blacklisting due to bounces. 

Given the previous post on this issue, I suspect the real issue is that the backscatter service is generating false positives.   It would help if we had details about which backscatter RBL is causing the trouble.

An additional configuration point is this setting:

Site Administrator... Antispam... Options:  

I am moving to a three-stage configuration:   inbound gateway -> mail server -> outbound gateway.  I think it has significant theoretical advantages, because the requirements for anti-spam are very different in each of those stages.   

Given the different requirements, it is entirely likely that different tools will be needed at each stage.

If you have this 3-stage architecture, you simply use your firewall to disable outbound SMTP from Stage 1 and Stage 2 servers.   Traffic that can be rejected at Stage 1 will cause an NDR from the submitting server.   Traffic that is rejected after that point might generate an NDR, but the firewall will block the traffic.  The NDR will be discarded after sufficient time has elapsed.  Autoresponders will still be an issue.

Of course, if you are actually generating backscatter, it suggests that your spam filtering is inadequate or misconfigured, because detected spam should be discarded silently.   So you need to investigate the adequacy of your Stage 1 filters.

For Stage 1, I am stunned by the capabilities of Declude.  Sadly, I am only now deploying it, after 15 years using expensive products with less capability.   I plan to post a description of my implementation approach after I have sufficient results.

Great thanks. I will try that and see if it keeps me off the blacklist. I had it set to require SPF if SPF was found. I changed it to always use SPF.