Question about relay and costs

Max Kipness mkipness at PAVESTONE.COM
Sun Jul 10 14:51:21 IST 2005

> >Hoping someone can offer advice on an issue I'm having.
> >
> >I have a server with the latest version of MailScanner, and DNS
> configured
> >for the email domain with a cost of 10 pointing to this server.
> >
> >I have another server that is not running MailScanner (yet) in another
> >location. It simply relays mail to the MailScanner server using Sendmail
> >with a cost of 20.
> >
> >What's strange first off, is that tons of mail still passes through the
> >server with cost of 20, even though the primary MailScanner server with
> >cost of 10 never goes down. Anybody know how to prevent this?
> >
> >
> The spammers don't follow the rules. In order to avoid your
> best-configured mail servers, they deliberately target the mail servers
> with the highest cost. So the genuine mail will be going to 10, and all
> the spam will go to 20. Your best bet is to even up the mail load going
> to each one. The best way to do that is to set them both to the same
> cost, use a virtual hostname (e.g. mx.your.domain) and have 2 A records
> for that hostname, which are the IP addresses of your mail servers.
> Also, you will need to change the IP address of your original 20 server,
> as it will have been hard-coded into a lot of spammers' target lists by
> now.
> Take a look at the Wiki entry I wrote about this a while ago:

This is very interesting, I will configure this way.

One question I have about two servers configured with MailScanner, though?
What about the configurations of the two servers? For example, the bayes db,
white and black lists, storage of quarantines, etc. Right now I have a
program that allows users to add to a white/black list by forwarding
received emails. I also have created a web based quarantine review and
release app. 

I wonder if it would make sense to replicate bayes, white/black lists via
rsync every 5 minutes or so? Move messages to one of the servers every so
often? Has anybody dealt with this scenario?

A neat addition to MailScanner would be a replication feature so you could
have MailScanner servers in different geographical locations for the same

> >The other question is what I might be able to do with the non-MailScanner
> >server so that when the mail does get relayed back to the MailScanner
> >server, it has the original IP of the sender, rather than the relay
> >server's IP. I believe this is causing SpamAssassin not to tag email with
> >SpamCop or XBL list scores.
> >
> >
> You will have to do the MailScanner "Spam List" checks on the first
> server it hits. However, SpamAssassin checks all the IP addresses in the
> headers, so will provide far more useful results. You are using
> SpamAssassin, aren't you? :-)

Yes, I am using SpamAssassin. Maybe I'm overlooking something, but when I
look at the headers of a message that went through the higher-cost relay
first, the first line states it's from the IP of my relay. Isn't that the IP
that is looked up in the black hole lists?


------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list