RE: [Exim] Backup MX and host_reject issue

Top Page
Delete this message
Reply to this message
Author: Juha Saarinen
Date:  
To: Oliver Cook
CC: exim-users
Subject: RE: [Exim] Backup MX and host_reject issue
Thanks, Ollie, that's very useful input. I was kind of hoping that there'd
be a workaround of sorts that would let me keep the back-up MX, but also let
me implement the same access controls that I have on the primary MX.

So, just to absolutely sure (and because I'm a total bonehead), there's no
way I could for instance use another Exim-equipped host as MX back-up, and
have it check a blocked senders file, before forwarding queued-up mail to
the primary MX?

Yes, my primary MX accepts everything from the back-up MX. It's not on the
same subnet though...


Cheers,

-- Juha

:: What Philip, and the others who have contributed to this thread
:: are saying is
:: that there is little point in a backup MX if you don't control
:: it. Only if
:: you control it are you able to make decisions about what to
:: accept and what to
:: deny.
::
:: Leaving it up to your ISP is all well and good inasmuch as
:: you'll still get
:: mail from hosts that wouldn't otherwise have queued it locally
:: for that long, if
:: you primary MX is down for any substantial length of time; but
:: you'll almost
:: certainly end up with a load of spam that your primary MX would
:: have rejected,
:: *had it not come from your backup MX* [1].
::
:: While we're on the subject of backup MXs, it's probably worth
:: stating the obvious
:: and saying that having a backup MX on the same subnet as your
:: primary MX is not
:: ideal, for the same reasons as having all DNS servers on the
:: same subnet is not
:: ideal (as per Microsoft's c?ck-up earlier this year). In case of
:: a network failure
:: neither host will be accessible. Having backup MXs on the same
:: subnet does cover
:: you for 'configuration errors' which happen from time to time,
:: however! :).
::
:: I hope that's of some use,
::
:: Ollie
::
:: [1] I expect that your primary MX is accepting all mail from
:: your ISP's backup
:: MX at present?
::
:: --
:: Oliver Cook    Systems Administrator, ClaraNET
:: ollie@???      020 7903 3000 ext. 291
::
::