Rense Buijen wrote:
> Mathhias,
> 
> The problem is that when the mail enters the backup MX, we dont know
> if that mail is blacklisted at for instance spamcop.
> So if the backup mx accepts the mail (because it's dumb and it will
> accept it), and my primary mx (SA) has set the backup mx as trusted
> network/source, the mail will be delivered while it should not have
> been. You see the problem? SA cannot see if the mail that has been
> forwarded by my backup MX is valid (black/whitelisted) or not because
> it cannot check the IP against the RBL, it will lookup the wrong IP.
> And it should do this because there is NO rbl checking on the backup
> MX itself... 

You are making assumptions about what trusted_networks implies.  Just
because mail comes from a machine in your trusted_networks doesn't mean
that it will not be scanned.  The ONLY thing that trusted_networks means
is that you trust those machines to put valid header information in the
message.  It does NOT mean that you trust them not to forward spam.

For your configuration, you need to put your backup MX into
trusted_networks in order for the RBLs to work properly.

The real problem with this setup is that once your backup MX starts
forwarding messages to the primary and spam is rejected, then your
backup is in the bad position of having to issue a delivery notification
to the sender.  This is bad because most spam and viruses fake the
sender information.  So most of your bounces will be going to the wrong
person.  This is called "backscatter" and is another form of spam.  A
mailserver should not accept mail that it will not be able to deliver.

I would suggest that you either configure your backup the same as your
primary, or just drop the backup altogether.  Without the backup, the
sending MTAs will still retry the message (usually for at least a couple
of days), so you don't lose anything unless your MX is down for an
extended period of time.

-- 
Bowie

Reply via email to