To The List,
I have been trying to find a solution to this problem for quite some time, didn't find it so I thought I would ask you fine folks. Currently, in DNS(djbdns) I use the following entries for MX records:
@domain.com::scanner.domain.com:1
@domain.com::popserver.domain.com:1000
The MX record with "1" priority is setup to scan incoming mail for viruses, etc and then smtproute it over to the main POP server where users check their mail.
The problem occurs in that some of the mail(33% ish) will bypass the scanner server and will be sent directly to the primary POP server unscanned. I can verify that both machines are online when this happens.
So, are those the correct settings for the system I am creating, or will this always be the case. I would like no mail to be delivered to the primary POP server directly, unless the scanner server is down/offline.
Any takers? Thanks in advance for the support.
Some MTAs may not adhere to the priority level, and some spammers purposely target lower priorities hoping that scanning software might be not be in place.
Rather than directing mail to your scanner via an MX priority, have only one MX record:
@domain.com::scanner.domain.com:1
Then setup an smtproute from scanner to popserver. This should force all incoming mail to go through the scanner.
Regards,
Bill
