>>>>> "Graham" == Graham Toal <[EMAIL PROTECTED]> writes:
Graham> Ouch! You're a brave one. That's fine until your first big network outage :-) Graham> Oh wait - I bet they're both on the same net segment, right? You wouldn't Graham> dare do that with a machine elsewhere on the net! No, they're both on the same machine! I told postfix to listen to two specific addresses instead of 255.255.255.255, each with their own config file. It's a simple but elegant solution. Also, the 450 merely says (to legit senders) "try again". So on the bizarre chance that my blue listener is down and it gets rolled to spamtrap, the sender will retry in a half hour or so. Graham> I might use the fact that mail had been delivered to a backup MX as Graham> *one* factor in a spam evaluation function but rejecting it all Graham> entirely is pretty risky. I think you've just been lucky so far. Graham> Doesn't your main machine ever reject calls because the load average Graham> is too high, for example? As I said, it's *one* machine for both listeners. Graham> I bet you're not running greylisting either. If you were, legitimate Graham> mail would frequently try your backup MX. It's a neat observation that Graham> several of us have made, and it is tempting to find a way to take Graham> advantage of it, but I think that rejecting *everything* that arrives Graham> on your lowest-valued MX is just going too far! I hate greylisting. It hurts legit mail to solve the spam problem. And I don't need it, based on the amount of spam I can kill with this (and a few other tricks described in the referenced paper). -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
