also sprach Wietse Venema <wie...@porcupine.org> [2011.02.24.1729 +0100]: > This week I was doing some expiriments: I configured Postfix to > make postscreen listen on both primary AND backup MX addresses. > This was a matter of adding a second IP address to the ethernet > interface of my mail server, then adding a backup DNS MX record > that resolves to that second IP address.
Dear Wietse, dear list, almost half a year after the above message introducing postscreen and the idea of using a low-priority MX on the same host to raise the entry barrier for the postscreen whitelist, I would like to ping back to the thread with the following question: Has anyone found out how to make this work in combination with a physically-separate secondary MX? The reason why we want to keep a secondary MX is because in case that the primary does go offline, we find it much more convenient when mail queues in a location controlled by us. First of all, it means that we can release the mail as soon as the primary is back; second it means that we can inspect the queue (e.g. pfqueue) in the meantime, in case of emergency or the like; and third, it gives us a bit of a warm, fuzzy feeling to know that the mail is under Postfix-control, rather than still stuck on some M$ or Lotus or whatever mailserver out there, where it probably feels quite miserable. Wietse, have you been able to find out what happens to the third and fourth MX records? Do spammers touch them? Do they always pick the lowest prio? Do they always pick #2, regardless of how many there are? Cheers, -- martin | http://madduck.net/ | http://two.sentenc.es/ because light travels faster than sound, some people appear to be intelligent, until you hear them speak. spamtraps: madduck.bo...@madduck.net
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
