Ian Eiloart <[EMAIL PROTECTED]> said, in message [EMAIL PROTECTED]: > > > I've been meaning to do something like this for a while. The > > corollory would be, after moving the IP, to firewall the old IP and > > watch the firewall logs. Anyone hitting the old IP (after some > > reasonable grace period) > > Is that grace period different from the DNS TTL?
Probably not, but I think I'd give it the DNS TTL plus some value, just to be sure. I've been looking at what's been blocked. Once I take away the 90% that are obviously home connections or which don't have reverse lookups, I'm left with some very strange results. For example, the following have all attempted to connect to A records for aber.ac.uk: mailgate.brentwoodhousingtrust.co.uk - port 25 has Microsoft ESMTP MAIL Service Version: 5.0.2195.6713 hasn't connected to any of our inbound servers mail-kr.bigfoot.com - LiteMail v3.03 has connected to our inbound servers too mail-relay8.elsevier.co.uk - MAILsweeper ESMTP Receiver Version 4.3.17.0 has connected to out inbound servers too mail.sihe.ac.uk - Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 has connected to out inbound servers too It's fairly obvious that these are genuine outbound mail servers, but I'm very confused as to why doing it. We use greylisting, so for the latter three I guess it could be that they've tried the MX record, hit our greylisting and are now failing back to the A record. Would this be valid behaviour? Cheers, Alun. -- Alun Jones [EMAIL PROTECTED] Systems Support, (01970) 62 2494 Information Services, University of Wales, Aberystwyth -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
