Backup mail server?
Dave Mitchell
davem at iabyn.com
Mon May 16 21:34:25 UTC 2005
On Mon, May 16, 2005 at 04:07:05PM -0400, Matthew Miller wrote:
> This just amounts to "don't use an ummaintained machine with no anti-spam
> tools for your backup MX". I don't see why that in any way invalidates the
> whole idea. (In fact, for the reasons you describe, one might want to have
> *stricter* spam checking rules on the backup MX.)
The backup MX will become a back-scatter generator unless it has a valid
list of recipients @your.domain (which it usually won't have if it's not
under your control).
Most spam these days has fake sender addresses sent directly to your
server from zombie SMTP clients. If an SMTP server knows all valid
addresses, it can reject unknown during the SMTP session, and the zombie
quietly does nothing. If on the other hand the zombie is talking to
a backup MX, that server just accepts all emails for the domain, including
all the old addresses of people who left your organisation five years ago.
The backup MX then passes all this crap onto the main MX, which then
rejects it with 'user not found', and the backup MX has no option but to
send a bounce message to the purported sender (which of course is fake).
So Joe Random then gets lots of spurious bounce messages for messages they
never sent.
--
SCO - a train crash in slow motion
More information about the users
mailing list