This is probably a no-brainer for many, but the "solution" to a problem just
came to me a while back this morning, and it works. For me. YMMV.
(This is on my exim 3.36 installations - this is probably easier done in 4.2x
using ACLs, but I cannot upgrade for a while)
The problem: I use "receiver_try_verify" on my main mail server to check the
destinations, but it appears that spam sender software just shotguns all
MXes of a domain. My MXes are not intelligent and just operate on
"relay_domains_include_local_mx". So it all still floods in to be later
rejected, filling up my queues.
The solution: "balance". I make the MXes listen only on localhost
(local_interfaces = 127.0.0.1) and then run balance (balance.sourceforge.net
???) using:

    /usr/local/bin/balance -b mx-30.mail.knowtion.net smtp \
        mailstore-1.mail.knowtion.net \! localhost

This tries my main mailserver and falls back to localhost if the server
cannot be reached. This almost gives me the same fallback mechanism, but
lets crap queue up when the main mail server is not listening on port 25. I
can live with that.
I originally thought of doing this in my OpenBSD firewall, using routeing
options, but it only allows round-robin and not fail-over attempts.
If this information helps anyone, great. If not - it's in the archives for
others.
rgds,
--
Peter
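
The fail-over order described in the post above (main server first, localhost only when the main server cannot be reached), as an added example that is not part of the original post and not code from balance. It models only the "try in order, take the first that accepts a TCP connection" behaviour the post describes; the function names and the local stand-in listeners are assumptions made for the demonstration.

```python
import socket


def first_reachable(groups, timeout=3.0):
    """Return the (host, port) of the first backend that accepts a TCP
    connection, walking the groups strictly in order (fail-over, not
    round-robin). Returns None when no backend accepts."""
    for group in groups:
        for host, port in group:
            try:
                with socket.create_connection((host, port), timeout=timeout):
                    return (host, port)
            except OSError:
                # Refused, unreachable or timed out: try the next backend.
                continue
    return None


def _listener():
    """Constructed stand-in for an SMTP listener on an ephemeral local port."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    s.listen(1)
    return s


def demo():
    """Walk through the three states of the setup in the post."""
    primary = _listener()    # stands in for the main mail server, port 25
    fallback = _listener()   # stands in for the MX's own exim on 127.0.0.1
    p_addr, f_addr = primary.getsockname(), fallback.getsockname()
    groups = [[p_addr], [f_addr]]  # same order as "main \! localhost"

    up = first_reachable(groups, timeout=1.0)      # main server answers
    primary.close()                                # main server stops listening
    down = first_reachable(groups, timeout=1.0)    # mail now queues on the MX
    fallback.close()
    dead = first_reachable(groups, timeout=1.0)    # nothing left to accept
    return up == p_addr, down == f_addr, dead is None


if __name__ == "__main__":
    print(demo())
```

Run periodically against the real host names, a result that is the localhost entry is the signal that unverified mail is queueing on the MX again.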