On 2016-12-14, OpenBSD lists <open...@leviathanresearch.net> wrote: > > Beside, this is only enabled on my primary server, the secondary server > will still accept email where the sender doesn't listen for SMTP. A > legitimate email server would detect the failure and try again with the > next MX record. Marketing and spam servers tend to see a single failure > and just carry on with spamming the next person.
Not for many years. They do retry, and they do try alternative MX (though sometimes in the reverse order). In my opinion a secondary MX (if you list one at all) should have *stronger* filtering than the primary. You don't want something entering the queue on a secondary unless you're pretty sure the primary is going to want to see it.
