Rense Buijen wrote: > Mathhias, > > The problem is that when the mail enters the backup MX, we dont know > if that mail is blacklisted at for instance spamcop. > So if the backup mx accepts the mail (because it's dumb and it will > accept it), and my primary mx (SA) has set the backup mx as trusted > network/source, the mail will be delivered while it should not have > been. You see the problem? SA cannot see if the mail that has been > forwarded by my backup MX is valid (black/whitelisted) or not because > it cannot check the IP against the RBL, it will lookup the wrong IP. > And it should do this because there is NO rbl checking on the backup > MX itself...
You are making assumptions about what trusted_networks implies. Just because mail comes from a machine in your trusted_networks doesn't mean that it will not be scanned. The ONLY thing that trusted_networks means is that you trust those machines to put valid header information in the message. It does NOT mean that you trust them not to forward spam. For your configuration, you need to put your backup MX into trusted_networks in order for the RBLs to work properly. The real problem with this setup is that once your backup MX starts forwarding messages to the primary and spam is rejected, then your backup is in the bad position of having to issue a delivery notification to the sender. This is bad because most spam and viruses fake the sender information. So most of your bounces will be going to the wrong person. This is called "backscatter" and is another form of spam. A mailserver should not accept mail that it will not be able to deliver. I would suggest that you either configure your backup the same as your primary, or just drop the backup altogether. Without the backup, the sending MTAs will still retry the message (usually for at least a couple of days), so you don't lose anything unless your MX is down for an extended period of time. -- Bowie
