On Mon, 29 Jan 2007, John Rudd wrote:

> It doesn't have to be firewalled. It just has to be non-answering on
> port 25. It's called "nolisting".
>
> I've thought about doing something similar. Nolisting only says:
>
> MX 1 non-answering.host
> MX 10 real.host
>
> But adding the non-answering host to the end seems like a good idea to
> me (for all of the spammers that try to attack the secondaries).
>
> There IS a risk of losing mail. But only if the sender is a non-RFC
> compliant MTA. Which, in theory, might be legit.. but I bet in
> practice, for this particular RFC issue, it's a near zero level of risk.

Um, given that the RFCs (2821, etc) say that the MXs should be tried in
order with the most preferred (lowest numeric value) first, wouldn't that
scheme result in delays on all messages (as well as lost mail from servers
that only try the "best" MX)?

Why make your "best" MX be the non-answering.host?

-- 
Dave Funk                                  University of Iowa
<dbfunk (at) engineering.uiowa.edu>        College of Engineering
319/335-5751   FAX: 319/384-0549           1256 Seamans Center
Sys_admin/Postmaster/cell_admin            Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
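
An added example, not part of either message: a small simulation of the MX layout under discussion, showing which senders get through and how much time each loses on dead hosts. The trailing preference-20 host, its name, the three strategy names and the 0.1 s / 30 s failure costs are assumptions made for illustration.

```python
"""Simulate how different senders fare against the MX layout in this thread."""

# Constructed zone data: "MX 1" and "MX 10" are from the quoted message; the
# trailing dead host at preference 20 and its name are assumptions.
MX_RECORDS = [
    (1, "non-answering.host", False),
    (10, "real.host", True),
    (20, "non-answering2.host", False),
]

# Hypothetical sender behaviours, named for this example only.
STRATEGIES = {
    # RFC 2821 style: lowest preference value first, fall through on failure.
    "in_order": lambda mx: sorted(mx),
    # Sender that only ever tries the most preferred MX.
    "best_only": lambda mx: sorted(mx)[:1],
    # Sender that goes straight to the least preferred MX (the secondary).
    "secondary_only": lambda mx: sorted(mx)[-1:],
}


def deliver(mx_records, strategy, fail_cost_s):
    """Return (delivered, hosts_tried, seconds_lost_to_failed_connects)."""
    tried, lost = [], 0.0
    for _pref, host, answers in STRATEGIES[strategy](mx_records):
        tried.append(host)
        if answers:
            return True, tried, lost
        # A refused connect fails fast; a silently dropped one costs a timeout.
        lost += fail_cost_s
    return False, tried, lost


def summarize(mx_records, fail_cost_s):
    """Outcome per strategy for one assumed cost of a failed connect."""
    return {name: deliver(mx_records, name, fail_cost_s) for name in STRATEGIES}


if __name__ == "__main__":
    # Assumed costs: 0.1 s for a refused connection, 30 s for a connect timeout.
    for label, cost in (("refused", 0.1), ("timeout", 30.0)):
        for name, (ok, tried, lost) in summarize(MX_RECORDS, cost).items():
            print(f"{label:8} {name:15} delivered={ok} lost={lost:5.1f}s via {tried}")
```

The per-message delay for an in-order sender is the cost of one failed connect to the preference-1 host, so whether that host refuses or silently drops the connection decides how large the delay is.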