On Feb 20, 2004, at 5:36 AM, Brian Candler wrote:
I don't see that it's necessary at all. A backup MX just receives the
mail,
queues it, and forwards it to the primary MX when it is back up. It
can do
so without any validation of the recipient address local-part. The
primary
MX will reject the bounce if it's invalid.
It _could_ do that. Just like your primary MX _could_ accept messages
only to bounce them later. While this is "in the spirit" of the RFC,
it is abundantly clear that spirit did not account for the abuse that
would ensue. A setup like that is an invitation for bounce-spam.
There is no good reason not to enforce _all_ of your policy rules on
your secondary MX. You can do it with commercial, open, closed and
free solutions. Our backup MXs are in another state and they enforce
all the local_part validation, spam-scanning, etc. I took one of my
systems administrators one day using Exim and MySQL replication to
accomplish this.
// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// Postal Engine -- http://www.postalengine.com/
// Ecelerity: fastest MTA on Earth