On 8/7/2012 11:45 AM, tobi wrote: > Hi list, > > I'm currently doing some brainstorming on how to protect backup-mx > servers from being directly contacted by clients. I found that > postscreen can do this, but as far as I read only if the backup runs on > the same machine. > Another idea that came in my mind is that the backup-mx checks the > postgrey status of the main-mx and rejects clients that have no record > in master's postgrey. But this seems for me not very accurate. The only > clear case would be if postgrey has no record for the client or does not > answer at all because the entire server is down/having problems. But how > to react on backup if the client has a record in masters postgrey? > Or one could write a script for backup-mx that upon receiving mail tries > to contact master and check if a testmail could be sent. If the testmail > could be sent to master, then drop the connection from client on backup > Somehow I have no idea what the "best" approach would be. > > Thanks a lot for any input/hints/tips
The first thing you need to do is define for us what "protect backup-mx servers" means. What, exactly, do you want to protect them from? -- Stan
