Backup MXes
David M. Dowdle
ddowdle at leopard.net
Sat Nov 19 12:07:29 PST 2005
<snipped>
>> one's multiple MXes, I have come to regard the existence of
backup MXes
>> as actively _undesirable_, contrary to commonly heard advice.
>
> I have been known to implement a variation on that theme: Have a backup
> MX all right, properly advertised, but as long as the primary is
> functioning, have the backup MX not listen to 25/tcp at all, so spammers
> get "connection refused."
>
> Now, if the objective were to capture spam, a variant might be to
> advertise a higher-numbered MX, and as long as the primary MX is
> working OK, accept the mail, but rather than deliver it as addressed,
> assume that it's spam.... After all, no legitimate SMTP client has
> any business sending mail to the higher-numbered MX unless the
> lower-numbered MX fails to respond.
>
This assumes that the primary MX has working routes from ALL mailservers
that the backup does, unfortuantly this is not always true. A peer and I
are backup MXes for each other. I see an estemated 2% of normal mail hits
the backup MX on any normal day.
More information about the Baylisa
mailing list