> From: jdow > Wow, it's been awhile since this floated through the list the last time. > > The theory among the spammers is that the secondary and tertirary > MX machines are less well protected. "They're backups, afterall. > They're not used every day." > > Most canny anti-spammers are aware of this and may actually have the > secondaries nailed down a little tighter than the primaries.
Indeed a lot of spam-programs/viruses address directly the highest MX-record. I point my highest MX-record (after the primary and backup MX) to an inactive mail-server, sort of second backup but postfix is stopped. Once in a while I active it just to look what's coming in, and it is a gigantic amount of spam/viruses/name-guessing. This solution really has lowered the amount of traffic on my main mailservers. Menno van Bennekom
