From: Geoff Adams
Date: 2010-03-22 11:51:57 -0400
Subject: Re: milter-spiff and accessdb question
Thanks for the detailed explanation.
On 21 Mar 2010, at 6:23 AM, Anthony Howe wrote:
> For example in milter-spamc it would
> be a _bad_ idea to use +smdb-relay-ok, since spammers are known to try
> secondary MXes on the off chance that mail from the secondary is
> blinding accepted by the primary MX. Not a problem if you have control
> over both MXes and implement the same level of spam protection, but
> really bad if the secondary is outside of your control and has weaker
> protection. (My mail server in this latter case: primary under my
> control, secondary outside my hands.)
Yes, that's a good point. Actually, for that reason, I make sure that my secondaries have
identical measures in place (except for special honeypot cases). In fact, recent
recommendations have been that if you can't make sure that your secondary MXes have
identical policies (including rejection of unknown users, rather than acceptance and then
generating bounces), you probably don't want any secondaries at all.
The argument goes like this: Secondary MXes were more important in the days of UUCP,
dialup, and the like, when hosts were only sporadically connected to the net. Now, in the
days of constant connectivity, if your primary is unavailable for some time, that's fine.
The senders will queue the messages (unless they're spammers, in which case you win,
anyway) to send later when you are back up.
So, I have my answer, and things seem to be working fine, now. I just add that note in
case it helps some folks improve their mail architecture.
Copyright 2009, 2012 by SnertSoft. All rights reserved.