Re: [Exim] Anyone for Mailer-Daemon??

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Rennie deGraaf
Dátum:  
Címzett: Jim Pazarena
CC: Exim Users Mailing List
Tárgy: Re: [Exim] Anyone for Mailer-Daemon??
Jim Pazarena wrote:

>
> Greg A. Woods wrote:
>
>> [ On Monday, August 25, 2003 at 12:18:58 (-0700), Vineet Kumar wrote: ]
>>
>>> Subject: Re: [Exim] Anyone for Mailer-Daemon??
>>>
>>> What should a system operating as a backup MX do? If my server acts as
>>> a backup MX for my friend's server, and my friend's server is down,
>>> then
>>> I have no way of checking whether the local part of received
>>> messages is
>>> valid (barring some sort of out-of-band valid-local-part-list-syncing
>>> kludgery).
>>>
>>> What do you suggest for this type of situation?
>>
>>
>>
>> If you can't run your backup MX with the same (or more stringent)
>> policies than your main server then don't run a backup MX at all.
>>
>> Why do you think you need a backup MX host in the first place?
>>
>> If your primary MX is going to be so un-reliable as to really need a
>> backup then I would suggest current primary unreachable from the world
>> and route all your mail through the more reliable server.
>>
>> --
>>                         Greg A. Woods

>
>
> consider this as a scenario:
>
> mail.qcislands.net is a stand-alone server
>    qcislands.net has one MX record only, that of mail.qcislands.net

>
> now my web server (www.qcislands.net) is also a stand alone server
>    it is however also named  "qcislands.net"
>                                   (without any machine designation)
> ALL MX records point to mail.qcislands.net _only_

>
> I invariably see email on my web server destined to my customers
> which actually reside on my mail server.
> This leads me to believe that some mailers out there "ignore" MX
> records and connect directly to the "A" record of the domain
> (which would be in this case the web server).
>
> I saw so much mail being rejected by my web server, that I finally
> set up exim to act as a relay for mail.qcislands.net AS LONG AS it
> can do a callout to the mail server to verify a valid address.
>
> What I have been considering recently is to set up my web server
> as a true secondary MX machine. However I don't want the complexity
> of mirroring user IDs. So I'm kinda stuck.
>
> I could set it up as a secondary, _and_ maintain the callout, however
> if my link to "mail" goes down for whatever reason it will not accept
> mail anyways; but at least the sender would get a temporary error rather
> than an "unreachable" connection. (My mail server is on the island I
> reside on however my web server is on the mainland on the other side
> of my Telco T1 which does, occassionaly, go down).
>
> any suggestions?
>
> I suppose Greg's answer applies:
>
> > If you can't run your backup MX with the same (or more stringent)
> > policies than your main server then don't run a backup MX at all.
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> Exim details at http://www.exim.org/ ##



Why not just forward port 25 on the web server to the mail server? If
the reliability of the mail server is not an issue and the two machines
can communicate, then this is probably all you need. If you're running
Linux 2.4.x, you can do this with iptables.

Rennie deGraaf