On Jul 13, 2004, at 6:35 PM, Dennis Carr wrote:
By perusing my log files, I'm noticing that some spammers will go in
through my MX 20 record, and bypass whatever I have as countermeasures
that way. I suppose the theory is that I will always accept mail from
mx2.speakeasy.net.
Yes, you are right. Mail secondaries are only effective if all of your
mail servers, primaries and secondaries, all implement the same
policies regarding incoming mail. Then you can trust what comes from
them. If they have different policies (spam checks for example) then
you are only as safe as your weakest one.
In the modern e-mail scene, back up secondaries are rarely needed by
small domains. Almost any sender that sees an outage will happily
queue and retry for days. The whole secondary and multiple primary set
up only comes into play for large organizations - but then usually all
the servers are at the organization's border, and under the same
administrative control - and so can have all the same policies.
- Mark