preventing backscatter at the source
Steve Freegard
steve.freegard at fsl.com
Sat Mar 29 01:13:51 GMT 2008
Mark Nienberg wrote:
> Interesting. A lot of spammers seem to send deliberately to secondary
> or teriary MXs instead of the primary even when the primary is up and
> running, in hopes of that it will not be as well protected.
Yes - been doing that for years now. It's a real pain if you use DNSBLs
on the primary and the ISP secondary doesn't use any as the secondary
then becomes the source of all your spam which you can't then reject via
DNSBLs as the connecting IP is the secondary.
I don't advocate backup MXes at all any more, you might as well just add
another equal MX and configure it in the same way as the primary and
have it forward messages directly to the mail store.
> So most of the time the backup at my ISP could call forward (but I doubt that it is, I'll have to check).
I would be doubtful that it is doing call-aheads. Milter-ahead has a
nice facility called +backup-mx, which means that if the primary is down
it will still accept the messages (but it will still reject any unknown
users that are in it's cache file) as normally call-aheads return a
tempfail when the call-ahead host is down.
Cheers,
Steve.
More information about the MailScanner
mailing list