OT: "Nolisting"
Richard Frovarp
richard.frovarp at sendit.nodak.edu
Tue May 27 15:30:18 IST 2008
Alex Neuman wrote:
> I've seen this done with some domains and working very well. In fact,
> some people will set it up this way:
>
> mydomain.com. IN MX 0
> somethingthatdoesntrespondtoport25.mydomain.com.
> mydomain.com. IN MX 10 mail1.mydomain.com.
> mydomain.com. IN MX 20 mail2.mydomain.com.
> mydomain.com. IN MX 30
> somethingthatdoesntrespondtoport25.mydomain.com..
>
> That way you're covered on both ends.
We handle internal mail via our primary MX. We use iptables with
tcp-reset to keep everyone else out. This prevents timeout delays from
the connecting servers. When we implemented this, we did not see any
drop in spam. We did notice that since internal mail was not competing
against spam for resources, the delivery times were much improved.
More information about the MailScanner
mailing list