--
On Fri, Jan 30, 2004 at 09:33:43AM -0500, Walt Reed wrote:
> You DO realize that a LOT of spamware delivers directly to higher level
> MX hosts right? So if you are doing something like:
>
> MX 10 spamscanner
> MX 20 mail1
> MX 20 mail2
>
> you will still get LOTS of spam to mail1 and 2 especially if you issue
> tempfails on spamscanner - it will fall back to delivering to mail1 and
> 2.
Yes, I have heard that spammers do that. On mail1 and mail2 I will
also run spamassassin which will then not scan the mail coming from
spamscanner because of the header added by the latter.
At the moment spamassassin is killing mail1 and mail2 when we try and
do scan all the mail. This is an effort to reduce the load on the two
mail servers. Spamscanner will be a much more powerful machine than
the two mailservers.
>
> What you will need to do is have mail1 and 2 NOT be accessable from the
> internet., and either use internal DNS or no MX records for them.
>
Then there is no failover when the first machine dies...
Regards
Johann
--
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"The Lord knoweth how to deliver the godly out of
temptations, and to reserve the unjust unto the day of
judgment to be punished;" II Peter 2:9
--
Content-Description: Digital signature
[ signature.asc of type application/pgp-signature deleted ]
--