--On Dienstag, Juli 13, 2004 18:35:37 -0700 Dennis Carr
<ke6isf(_at_)chez-vrolet(_dot_)net> wrote:
By perusing my log files, I'm noticing that some spammers will go in
through my MX 20 record, and bypass whatever I have as countermeasures
that way. I suppose the theory is that I will always accept mail from
mx2.speakeasy.net.
ACK. They often try to get through your fallback MXes as they assume that
you have weaker authentication/filtering there (which unfortunately is true
in many cases).
On the other hand, removing the MX 20 record could be a problem in the
event of a prolonged down time. The mail theoretically has to go
somewhere, and I'd rather have it sit on a secondary mx until I come
back up, as some MTAs are configured to just bounce right away.
Live with it. After all, the mail will be bounced back to the sender and
they will know, that they need to contact you through other means. This can
sometimes even be better than mail sitting for some weeks in a fallback MX
queue.
So as such, is there a solution I'm missing?
Run your own fallback MX offsite. Servers are cheap to rent these days,
just get one and set it up the same way you did with your primary MX. This
way every aspect of mail delivery is under *your* control from the official
handover points (which IMHO the published MXes are) on until the mail lands
in your mailbox.
Ralf Döblitz