Is there any way to make that every mail received by MAILSERVER-B
from anywhere except from MAILSERVER-A was sended to MAILSERVER-A, except
in case of MAILSERVER-A was down?On Wed, 22 Jun 2005, Billy Newsom wrote: > Pamcho wrote: > > > > I have the following configuration: > > > > > > MAIL SERVER A: With DSPAM and QMAIL-SCANNER > > MAIL SERVER B: With all the mailboxes > > > > All my domains have > > > > MX 10 SERVER-A > > MX 20 SERVER-B > > > > > > So the mails go to SERVER-A, the are filtered, and then, using > > smtproutes, sent to SERVER-B. > > > > > > If SERVER-A crashes all the mail go to SERVER-B without filtering, > > but no mail is lost. > > > > If SERVER-B crashes, SERVER-A keeps the mails until SERVER-A goes > > up. > > > > > > It works great with just one problem: SERVER-B receives mails that > > no go through SERVER-A. Especially a lot of SPAM. > > > > Is there any way to fix that problem? > > Definition of a Spammer: someone who attempts to send you mail any way > he can for any reason. Spammers love to send mail to backup MXes. They > tend to be naively administered with the misconception that a secondary > MX will rarely be used, and they don't need the same amount of > attention. In fact, they are favorite targets of spam. > > You need to switch roles of your servers. Put the spam checking on the > secondary only (via spamassassin, I suppose). You need RBL checking on > both. That works by rejecting inbound mail at the SMTP conversation. > See netqmail and other patches to qmail which add in RBL checks. > > You need to run antivirus only on the secondary, but it is nice to have > it on both, in case there is a big virus outbreak. (Some worms will > send multiple copies to the same server, once they find one.) > > You may find out that the primary mail server in your setup can be a > relatively small machine, and the secondary (with the users POPing or > IMAPing to it) will need to be the heavy machine. > > Or, if you don't need to run your own backup mail server, I know of > someplace that will do it for just $10 per year! Makes more sense to > me. What they can also do is provide you with two PRIMARY MXes, and > then your mail server will not be published at all -- that way, you will > *never* get spam sent to your server without having gone through theirs > -- and they run RBLs for you. Also for $10 per year. (It may be free, > depending on how many domains you have.) > > In other words, you could run an unpublished mail server, running on an > unpublished port 4321, and you will end up with less Spam to begin with. > (Yes, you will still get spam, just not from some of the major sources > on the Internet). And the provider will provide you two MXes, each with > priority 10. > > Billy > ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ Qmail-scanner-general mailing list Qmail-scanner-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
