nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OT? /dev/null 5.1.1 email

From: Brad Knowles <brad () stop mail-abuse org>
Date: Tue, 5 Jul 2005 23:18:15 +0200

At 4:00 PM -0400 2005-07-05, Jim Popovitch wrote:


 However, is seems the problem is over on the secondary MX (Postfix)
 which only has a list of legit relay domains for pMX.  When pMX is back
 online sMX fwds it's queue, but at that point pMX rejects to sMX...who
 then rejects to Sender.
Yup, and a lot of spammers take advantage of this fact by directly connecting to the secondary MXes of their targets, and never connecting to the primary MXes. 


                           I'm not sure how I can get away from that
 happening.
Short of having a complete list of all your valid recipients on the secondary MX, or having some way for them to obtain this information, I don't think you can. Also note that you have to completely replicate the full anti-spam/anti-virus configuration from the primary MXes to the secondary MXes, for the same reasons. 

--
Brad Knowles, <brad () stop mail-abuse org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

    -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
    Assembly to the Governor, November 11, 1755

  SAGE member since 1995.  See <http://www.sage.org/> for more info.
Previous By Date Next
Previous By Thread Next

Current thread: