Matthias Egger:
> On 02/24/2011 05:29 PM, Wietse Venema wrote:
> > Listening on primary and backup MX addresses
> > ============================================
> > This week I was doing some expiriments: I configured Postfix to
> > make postscreen listen on both primary AND backup MX addresses.
> > This was a matter of adding a second IP address to the ethernet
> > interface of my mail server, then adding a backup DNS MX record
> > that resolves to that second IP address.
> Does this solution also work when you use two different machines (One
> for the primary MX and one for the backup MX)?
These solutions require that the "secondary MX" postscreen shares
the whitelisting database with the "primary MX" postscreen.
Currently, this means that both primary and secondary MX must use
the same postscreen process.
You could duplicate this trick on your second mail server by
configuring that as a tertiary and quaternary MX host, then never
whitelist clients on the quaternary MX address.
I can add a tertiary and quaternary MX on my mail server (using
the same postscreen process as the primary AND secondary MX) and
see if anyone connects to it at all.
Wietse
