Re: [Exim] Anyone for Mailer-Daemon??

Top Page
Delete this message
Reply to this message
Author: Jim Pazarena
Date:  
To: Exim Users Mailing List
Subject: Re: [Exim] Anyone for Mailer-Daemon??
Greg A. Woods wrote:
> [ On Monday, August 25, 2003 at 12:18:58 (-0700), Vineet Kumar wrote: ]
>
>>Subject: Re: [Exim] Anyone for Mailer-Daemon??
>>
>>What should a system operating as a backup MX do? If my server acts as
>>a backup MX for my friend's server, and my friend's server is down, then
>>I have no way of checking whether the local part of received messages is
>>valid (barring some sort of out-of-band valid-local-part-list-syncing
>>kludgery).
>>
>>What do you suggest for this type of situation?
>
>
> If you can't run your backup MX with the same (or more stringent)
> policies than your main server then don't run a backup MX at all.
>
> Why do you think you need a backup MX host in the first place?
>
> If your primary MX is going to be so un-reliable as to really need a
> backup then I would suggest current primary unreachable from the world
> and route all your mail through the more reliable server.
>
> --
>                         Greg A. Woods


consider this as a scenario:

mail.qcislands.net is a stand-alone server
    qcislands.net has one MX record only, that of mail.qcislands.net


now my web server (www.qcislands.net) is also a stand alone server
    it is however also named  "qcislands.net"
                                   (without any machine designation)
ALL MX records point to mail.qcislands.net _only_


I invariably see email on my web server destined to my customers
which actually reside on my mail server.
This leads me to believe that some mailers out there "ignore" MX
records and connect directly to the "A" record of the domain
(which would be in this case the web server).

I saw so much mail being rejected by my web server, that I finally
set up exim to act as a relay for mail.qcislands.net AS LONG AS it
can do a callout to the mail server to verify a valid address.

What I have been considering recently is to set up my web server
as a true secondary MX machine. However I don't want the complexity
of mirroring user IDs. So I'm kinda stuck.

I could set it up as a secondary, _and_ maintain the callout, however
if my link to "mail" goes down for whatever reason it will not accept
mail anyways; but at least the sender would get a temporary error rather
than an "unreachable" connection. (My mail server is on the island I
reside on however my web server is on the mainland on the other side
of my Telco T1 which does, occassionaly, go down).

any suggestions?

I suppose Greg's answer applies:

> If you can't run your backup MX with the same (or more stringent)
> policies than your main server then don't run a backup MX at all.