I have a raspberry pi running postfix. I Realised unless I open port 25 I absolutely cannot receive emails (I have 587 open and can send but not receive them). However I heard there are scaries online which someone could potentially send emails from your server without consent. I believe as well my ISP doesn’t block port 25. Is there anything I should do right now before opening port 25, or should everything be safe enough?
Ideally, don’t. Self-hosting email is complicated, easy to get wrong (and dangerously wrong, where people could use your server as an open relay and send spam).
That said, if you really want to, make sure you’re not accepting email except for what’s destined for you. There are a bunch of postfix best-practice guides out there that can be easily found with a Google search. I don’t host my own email, so I can’t vouch for any.