Question about relay and costs

Max Kipness max at KIPNESS.COM
Tue Jul 12 19:05:59 IST 2005


    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

> >Hoping someone can offer advice on an issue I^Òm having.
> >
> >I have a server with the latest version of MailScanner, and DNS
> configured
> >for the email domain with a cost of 10 pointing to this server.
> >
> >I have another server that is not running MailScanner (yet) in
> >another location. It simply relays mail to the MailScanner server
> >using Sendmail with a cost of 20.
> >
> >What's strange first off, is that tons of mail still passes through
> >the server with cost of 20, even though the primary MailScanner
> >server with cost of 10 never goes down. Anybody know how to prevent this?
> >
> >
> The spammers don't follow the rules. In order to avoid your
> best-configured mail servers, they deliberately target the mail
> servers with the highest cost. So the genuine mail will be going to
> 10, and all the spam will go to 20. Your best bet is to even up the
> mail load going to each one. The best way to do that is to set them
> both to the same cost, use a virtual hostname (e.g. mx.your.domain)
> and have 2 A records for that hostname, which are the IP addresses of
your mail servers.
> Also, you will need to change the IP address of your original 20
> server, as it will have been hard-coded into a lot of spammers' target
> lists by now.
>
> Take a look at the Wiki entry I wrote about this a while ago:
> http://wiki.mailscanner.info/doku.php?id=documentation:configuration:d
> ns

This is very interesting, I will configure this way.

One question I have about two servers configured with MailScanner, though?
What about the configurations of the two servers? For example, the bayes
db, white and black lists, storage of quarantines, etc. Right now I have a
program that allows users to add to a white/black list by forwarding
received emails. I also have created a web based quarantine review and
release app.

I wonder if it would make sense to replicate bayes, white/black lists via
rsync every 5 minutes or so? Move messages to one of the servers every so
often? Has anybody dealt with this scenario?

A neat addition to MailScanner would be a replication feature so you could
have MailScanner servers in different geographical locations for the same
domain.

> >The other question is what I might be able to do with the
> >non-MailScanner server so that when the mail does get relayed back to
> >the MailScanner server, it has the original IP of the sender, rather
> >than the relay server's IP. I believe this is causing SpamAssassin
> >not to tag email with SpamCop or XBL list scores.
> >
> >
> You will have to do the MailScanner "Spam List" checks on the first
> server it hits. However, SpamAssassin checks all the IP addresses in
> the headers, so will provide far more useful results. You are using
> SpamAssassin, aren't you? :-)

Yes, I am using SpamAssassin. Maybe I'm overlooking something, but when I
look at the headers of a message that went through the higher-cost relay
first, the first line states it's from the IP of my relay. Isn't that the
IP that is looked up in the black hole lists?

Thanks,
Max

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!



More information about the MailScanner mailing list