Re: Increasing spam level for MX backup server?

Sun, 24 Sep 2017 15:13:12 -0700 

On 09/24/2017 10:54 AM, Davide Marchi wrote:



*David Jones wrote:*

I tried using tarbaby.junkemailfilter.com as my highest/third MX and 
ran into delivery problems due to greylisting.  MTAs will back off and 
retry at different intervals which can cause very long delays with 
greylisting.



Look at the MX records for ena.com.  My smtp2.ena.net _always_ temp 
fails everything which is attacked by spammers and bots. smtp.ena.net 
has mutliple A records to load balance across two different data 
centers.  This has worked very well with greylisting so if you can 
rethink your A records behind the MX records, then I would recommend 
going that route like I did.


# dig ena.com mx +short
10 smtp.ena.net.
20 smtp2.ena.net.

# dig smtp.ena.net +short
96.5.1.4
96.4.1.4

and then:




If both servers are setup identically, just make 2 A records like 
smtp.ena.net above and use them in an active/active DNS load-balanced 
way rather than as a backup MX.  Backup MX'es are used in a very 
specific way that you probably don't need based on the added complexity.



What is the MTA you are using?

Postfix 2.11.3



You could script some postconf commands on the secondary (higher 
priority) MX to temp fail everything until the primary is unavailable 
then adjust/reload default configs from the primary server to start 
accepting mail.



This is not clear for me: what do you mean (and eventually how do it) 
for: "script some postconf commands on the secondary (higher priority) 
MX to temp fail everything until the primary is unavailable then 
adjust/reload default configs from the primary server to start accepting 
mail"?

Thanks!



If this is too much, then perhaps it's not the needed solution.


If you do this, then you need to make sure the secondary servers are 
setup identically to the primary to filter identically.

the two setup are identically.




As mentioned above, just use them in an active/active way like 
smtp.ena.net.  If this is for msw.it:


# dig msw.it mx +short
5 posta.msw.it.
10 posta2.msw.it.

# dig posta.msw.it +short
88.33.124.107
# dig posta2.msw.it +short
77.43.50.11


Change the posta2 A record to just posta and delete the 10 MX record so 
it would look like this:


# dig msw.it mx +short
5 posta.msw.it.

# dig posta.msw.it +short
88.33.124.107
77.43.50.11

--
David Jones






















					Reply via email to