Hi list, I'm currently doing some brainstorming on how to protect backup-mx servers from being directly contacted by clients. I found that postscreen can do this, but as far as I read only if the backup runs on the same machine. Another idea that came in my mind is that the backup-mx checks the postgrey status of the main-mx and rejects clients that have no record in master's postgrey. But this seems for me not very accurate. The only clear case would be if postgrey has no record for the client or does not answer at all because the entire server is down/having problems. But how to react on backup if the client has a record in masters postgrey? Or one could write a script for backup-mx that upon receiving mail tries to contact master and check if a testmail could be sent. If the testmail could be sent to master, then drop the connection from client on backup Somehow I have no idea what the "best" approach would be.
Thanks a lot for any input/hints/tips tobi
