On Sun, Mar 31, 2019 at 06:59:40AM +0000, Dominic Raferd wrote: > On Sun, 31 Mar 2019 at 07:40, Jon LaBadie <jlaba...@acm.org> wrote: > > > When I try to block spam from repeaters, via access.db, > > firewall, ... the first thing that happens is the blocked > > mail gets delivered via my MX backup host. Mail received > > by this route does not seem to be checked against the > > access database. > > > > Is there something I'm not turning on to enable checks > > of mail received via the MX backup host? > > > > I presume the MX backup host is a third party service not under your full > control?
Correct. And I have no input to its administration. > > Does the MX backup host deliver to your primary host, and if so does it do > so with authenticated access? Delivers to my primary host, but NOT authenticated access. > > If the answer to both questions is yes, I suspect that your primary host is > not applying the same anti-spam tests to connections with authenticated > access as it applies to non-authenticated. This is a common set up but in > your case it allows spam accepted by the MX backup host to reach your > mailboxes because they bypass the checks on your primary host. If so, I > suggest you change the settings on your primary host to apply the same > tests to authenticated as to non-authenticated clients. Embarrassed to say, I set it up from a "recipie" which included authentication. But I never set up any authentication method(s). Thus I "advertise" authentication and I guess forwarding, but no one ever succeeds. Generates lots of log messages ;) > > A better solution, but maybe not possible for you, would be to have your MX > backup host apply the same anti-spam tests as your primary. Would that I could :( Thanks for the input. Jon -- Jon H. LaBadie jlaba...@acm.org 11226 South Shore Rd. (703) 787-0688 (H) Reston, VA 20190 (703) 935-6720 (C)
