Re: [Exim] Backup MX and host_reject issue

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Dave C.
Date:  
À: Phil Pennock
CC: Exim Users Mailing List
Sujet: Re: [Exim] Backup MX and host_reject issue
On Wed, 4 Apr 2001, Phil Pennock wrote:

> On 2001-04-04 at 01:34 -0400, Greg A. Woods gifted us with:
> > That's simply not true (I'm speaking of the "really good" part, that
> > is). Any mail server worth receiving mail from will hold onto it
> > (unless you tell it to bounce it with a 5xx SMTP reply code, of course)
> > and retry until you fix your local mailserver and get it back online.
>
> Define "worth receiving mail from", please.
>
> I have family in several different countries, using various ISPs of
> varying qualities. Most of my relatives are not heavy users, so ISP
> cost is an issue.
>
> I simply don't trust many of the MTAs out there in the wild. Especially
> the ones running on Windows. Whilst I don't agree with breaking
> standards to support broken systems, using the standards in a way which
> creates a set-up which is more resilient to broken head-of-junk systems
> is, well, part of that whole interoperability thing.


Yes.. "Strict compliance in what you send, lenient in what you accept"..
Although in some cases which end of the sending or receving end you
should consider yourself to be on is difficult. Also, spam blocking
efforts is one of the few exceptions usually recommended to this rule
(Of course, no one is forcing you to agressively reject spam - if it
doesnt bother you that is of course your choice to make as long as it
isnt affecting someone who it does bother (eg, if you are an open
relay))

> I do not directly control my backup MX. A trusted friend does. He
> reads exim-users and his box is in a different country with connectivity
> via completely different suppliers. We simply did a mutual swap of
> backup MXes.


A better solution might be swap physical machines - he sets up a spare
486 or Pentium-I machine on his network with his/your choice of unixen
on it, configures IP networking on it, and gives you an account and the
root password, and you install exim and configure its anti-spam
facilities in ways which match your desired configuration. You do the
same thing for him at your end.

> If my machine goes down and dies, I'm prepared to accept that some spam
> is the price I pay. Whilst I loath spam, I'd rather receive a little as
> a consequence of an error on my part than lose mail from family. Though
> some of that's worse than spam ...


You'll get the spam wether your machine is down or not - either the
spammer will send to your secondary MX without even trying the first, or
after your main MX rejects the spam attempt it will then fall back to
the second.

(BTW if you have the appropriate resources, you could offer webmail
accounts to your family which would be hosted right on your server - no
worry about blocking screwed up foreign ISP SMTP servers by accident,
and an additional plus is that delivery is that much faster)

> Although actually, he's the one who pays that price more, since he uses
> various RBL mechanisms and I don't. I've looked at how often his mail
> system hangs up solid because of a lack of reachability of an RBL (often
> deliberate on the part of a carrier). I don't believe in introducing so
> many extra dependencies. If my spam level ever gets up to the point of
> irritating-me-until-I-sort-a-fix then I'd look for some kind of RBL
> mirroring thing, or privately built list. But then, I'm just like this.


exim has RBL timeouts which can be adjusted.

>
> > You really do not want it.
>
> You don't. Others might. It's a big world and different people need
> different things. As long as what they need doesn't negatively impact
> upon you, it's not really an issue.
>
> *shrugs*
>


--