Backup mail server?

James Wilkinson fedora at westexe.demon.co.uk
Mon May 16 19:59:32 UTC 2005 

Cosme Faria Corrêa wrote:
> I do not agree.
> I think it is not a good idea to allow my client see a warning about my
> server unavailability.
> 
> The MX bkp server just cache your e-mails while you are off-line.
> It is not routine, it is for a emergency.
> 
> The relay is closed and it send just for your MX "master", when
> available.
> 
> Is there any problem here?

If I'm understanding you correctly, you're not describing the ways that
MX servers are normally set up. If you *can* get one like that, it
answers most of the objections.

The difference is in the "The relay is closed" bit: do I understand that
when your main server is up, the backup MX won't accept any e-mail for
your domain even if e-mail is sent directly to it? Presumably it has
periodic checks (or checks when an SMTP connection is made) to see if
the main MX server is live?

Most backup MXes don't do this. They are set so that they will always
accept e-mail for you, and forward it when they can. If your server has
been sitting there for months without a glitch, they won't know this:
they'll still accept the mail and forward it to you, even though the
sender should have sent it to your main MX.

"Normal" MTAs [1] avoid the backup MX and use the main one by looking at
the DNS records. But this relies on the sending MTAs being well-behaved.
Spammers, by definition, will be badly behaved if it suits their
purposes.

And this is the problem: by the time any MX has accepted e-mail for you,
you've lost the chance to do a whole set of anti-spam checks. If you
control the backup MX, you can set it to do the same checks as your main
MX. If you don't, then your backup MX is a highway around your anti-spam
defences. And spammers know this. Their tools know this.

One of the latest and greatest anti-spam tools is greylisting. This only
works by looking for one of the differences between legitimate MTAs and
spam-spewers. And it needs to be able to talk directly to the sending
MTA to make this work. So it needs to be on *all* your MXes. You know
(or should do) the MTA on your backup MX is a "good" MTA that does
re-trying properly. You gain nothing by greylisting your backup MX: you
need the greylisting *on* the backup MX.

Hope this helps,

James.

[1] Message Transfer Agent: a program that transfers e-mails between
machines on the way from sender to recipient.
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-email-types.html

-- 
E-mail address: james | We still have enough spare cardboard sitting around
@westexe.demon.co.uk  | to send a bus by Parcelforce, although not enough
                      | wrapping to be sure they wouldn't deliver it broken
                      | into two pieces.  -- Alan Cox

More information about the users mailing list