Reindl Harald:
> On 05.07.2011 16:55, Wietse Venema wrote:
> > If no such problem exists, then we know that cache expiration
> > has nothing to do with the issue and we can move on.
> >
> > When the address verify cache works properly, it should become
> > populated over time (by spammers, by legitimate sites that have
> > very short SMTP timeouts, or by legitimate sites that try to deliver
> > to the backup after the primary replies with a 4xx response).
> >
> > There is no need to turn Postfix into a backscatter source by
> > accepting all mail when the primary is down. Just set the cache
> > expiration time to 100 days or so. Meanwhile I'll see if it is safe
> > to purge a recipient from the cache when the primary says that it
> > no longer exists. Maybe Postfix needs to wait for two negative
> > responses.
>
> sorry - but how should this work?
>
> suggesting the primary is 99.9% of the time up there comes
> nothing to the backup-mx and if it comes there it is too late

According to my postscreen stats, some 14% of spambots connect only
to my secondary MX address (I have one postscreen process listen
on both primary and secondary IP addresses for testing).

For examples of legitimate backup MX connections while the primary
is up, see the second paragraph in the quoted text above. That is
not the complete list of examples that I can come up with. When
primary and backup are in physically different networks, there can
be outages or congestion that make only the primary MX unreachable.

	Wietse
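
Added example, not part of the thread and not Postfix project code: one way to measure from postscreen logs what share of suspect clients contact only the secondary MX address. The IP addresses and log lines are constructed, and treating PREGREET or DNSBL hits as "spambot" is an assumption, since the thread does not say how the 14% figure was derived.

```python
import re
from collections import defaultdict

PRIMARY_IP = "192.0.2.10"    # assumed primary MX address (documentation range)
SECONDARY_IP = "192.0.2.20"  # assumed secondary MX address (documentation range)

# Constructed postscreen log lines for illustration, not real traffic.
P = "Jul  5 17:00:01 mx postfix/postscreen[411]: "
SAMPLE_LOG = [
    P + "CONNECT from [198.51.100.7]:40112 to [192.0.2.20]:25",
    P + r"PREGREET 14 after 0.12 from [198.51.100.7]:40112: EHLO example\r\n",
    P + "CONNECT from [198.51.100.8]:51000 to [192.0.2.10]:25",
    P + "DNSBL rank 3 for [198.51.100.8]:51000",
    P + "CONNECT from [198.51.100.9]:42001 to [192.0.2.10]:25",
    P + "DNSBL rank 2 for [198.51.100.9]:42001",
    P + "CONNECT from [198.51.100.9]:42002 to [192.0.2.20]:25",
    P + "CONNECT from [203.0.113.5]:33000 to [192.0.2.20]:25",
    P + "PASS NEW [203.0.113.5]:33000",
    P + "CONNECT from [198.51.100.11]:39000 to [192.0.2.10]:25",
    P + r"PREGREET 11 after 0.3 from [198.51.100.11]:39000: HELO mail\r\n",
]

CONNECT_RE = re.compile(
    r"postscreen\[\d+\]: CONNECT from \[([^\]]+)\]:\d+ to \[([^\]]+)\]:\d+")
# Assumption: a client counts as a spambot if it spoke before the greeting
# (PREGREET) or is DNSBL-listed; the thread does not define the term.
FLAG_RE = re.compile(
    r"postscreen\[\d+\]: (?:PREGREET \d+ after \S+ from|DNSBL rank \d+ for) "
    r"\[([^\]]+)\]:\d+")

def secondary_only_share(lines, primary, secondary):
    """Return (secondary-only flagged clients, flagged client count, share)."""
    targets = defaultdict(set)   # client IP -> set of MX addresses it contacted
    flagged = set()              # client IPs with a PREGREET or DNSBL hit
    for line in lines:
        m = CONNECT_RE.search(line)
        if m:
            client, server = m.groups()
            if server in (primary, secondary):
                targets[client].add(server)
        elif (m := FLAG_RE.search(line)):
            flagged.add(m.group(1))
    bots = [c for c in flagged if c in targets]
    only_secondary = sorted(c for c in bots if targets[c] == {secondary})
    share = len(only_secondary) / len(bots) if bots else 0.0
    return only_secondary, len(bots), share

if __name__ == "__main__":
    hosts, total, share = secondary_only_share(SAMPLE_LOG, PRIMARY_IP, SECONDARY_IP)
    print(f"{len(hosts)}/{total} flagged clients ({share:.0%}) used only the secondary MX")
```

The unflagged client 203.0.113.5 in the sample stands for the legitimate senders mentioned above that reach the backup while the primary is up; it is excluded from the share.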