spf-discuss
[Top] [All Lists]

Re: MX secondary problem?

2004-07-13 22:30:40

On Jul 13, 2004, at 6:35 PM, Dennis Carr wrote:

By perusing my log files, I'm noticing that some spammers will go in
through my MX 20 record, and bypass whatever I have as countermeasures
that way.  I suppose the theory is that I will always accept mail from
mx2.speakeasy.net.

Yes, you are right. Mail secondaries are only effective if all of your mail servers, primaries and secondaries, all implement the same policies regarding incoming mail. Then you can trust what comes from them. If they have different policies (spam checks for example) then you are only as safe as your weakest one.

In the modern e-mail scene, back up secondaries are rarely needed by small domains. Almost any sender that sees an outage will happily queue and retry for days. The whole secondary and multiple primary set up only comes into play for large organizations - but then usually all the servers are at the organization's border, and under the same administrative control - and so can have all the same policies.

        - Mark


<Prev in Thread] Current Thread [Next in Thread>