I have one other question about BCP for mailing infrastructure.
In our current setup we have:
INBOUND
a.mx --
b.mx ---- mail
c.mx --
OUTBOUND
{local servers} -->
remote-smtp-auth --> smtp --> {INTERNET}
a.mx, b.mx, c.mx do not handle local delivery, they only pass
"acceptable" mail back to mail. they poll a DB server when mail
comes in from the internet to find if the RCPT to user is valid, and
also run Spam Assassin to filter out spam. This is done on the
edge as opposed to mail to avoid backscatter.
mail handles local delivery, as well ask DKIM verification
smtp receives mail w/o question from the local shell & utility servers
trusted via my_networks, and anything from a remotely authenticated
client. This machine also provides DKIM signatures. Any mail which
is considered local is passed back to mail, or sent out to the Internet.
So for BCP on mailing infrastructure, is this a good design? Are the
correct services running on the correct machines?
It seems to me that these could be somewhat subjective questions, but
I'd like to know how this setup compares against how others do things
when the layout is one of multiple servers handling various roles in the
layout; as well as hear in general how others do it.
Thanks much-
