Thanks a lot all, it's all clear to me now!
I though that the trusted networks mean that the message will just be
passed it it came from that source.
I didnt know it will skip to the next "Received" IP. Thanks a lot.
One question about the "backscatter" problem though, if I understand
correctly it is always my Exchange server (the machine inline with SA)
who will send out "user does not exist" messages, right? The backup MX
will merely try to forward it and the Exchange server decides if that
mail address exists or not. I think Exchange is configured the right way
in such a way that it knows what users it has on the system..
I would really like to drop the second mx altogether but policy forbids
it :)
Thanks for all the help guys!
Rense
Bowie Bailey wrote:
Rense Buijen wrote:
Mathhias,
The problem is that when the mail enters the backup MX, we dont know
if that mail is blacklisted at for instance spamcop.
So if the backup mx accepts the mail (because it's dumb and it will
accept it), and my primary mx (SA) has set the backup mx as trusted
network/source, the mail will be delivered while it should not have
been. You see the problem? SA cannot see if the mail that has been
forwarded by my backup MX is valid (black/whitelisted) or not because
it cannot check the IP against the RBL, it will lookup the wrong IP.
And it should do this because there is NO rbl checking on the backup
MX itself...
You are making assumptions about what trusted_networks implies. Just
because mail comes from a machine in your trusted_networks doesn't mean
that it will not be scanned. The ONLY thing that trusted_networks means
is that you trust those machines to put valid header information in the
message. It does NOT mean that you trust them not to forward spam.
For your configuration, you need to put your backup MX into
trusted_networks in order for the RBLs to work properly.
The real problem with this setup is that once your backup MX starts
forwarding messages to the primary and spam is rejected, then your
backup is in the bad position of having to issue a delivery notification
to the sender. This is bad because most spam and viruses fake the
sender information. So most of your bounces will be going to the wrong
person. This is called "backscatter" and is another form of spam. A
mailserver should not accept mail that it will not be able to deliver.
I would suggest that you either configure your backup the same as your
primary, or just drop the backup altogether. Without the backup, the
sending MTAs will still retry the message (usually for at least a couple
of days), so you don't lose anything unless your MX is down for an
extended period of time.
--
Met vriendelijke groeten,
Rense Buijen
Chess Service Management
Tel.: 023-5149250
Email: [EMAIL PROTECTED]
