Re: [Exim] Using secondaries for anti-spam (was "Secondary M…

Góra strony
Delete this message
Reply to this message
Autor: Wakko Warner
Data:  
Dla: Alun
CC: exim-users
Temat: Re: [Exim] Using secondaries for anti-spam (was "Secondary MX - defer if primary is up")
> All this discussion has got me thinking of "yet another bad idea (tm)". What
> if I were to run a secondary MX on an IP alias on one of my primary servers.
> All mail attempted to this IP would be deferred at RCPT time (I should
> mention that aber.ac.uk doesn't have a secondary mx at all at the moment).


Thought about it, but I can't do it because I don't have 2 IPs on the same
machine =(

> Lots of people seem to say that spammers hit the secondary rather than the
> primary on the basis that the checks are less stringent there. If I defer
> that stuff, nobody gets hurt, but some of my spam might go away. The primary
> should always be reachable when the secondary is (after all, it's the same
> exim process that's handling it all) so no legitimate stuff should ever go
> there. If it did, the temporary deferral should cause it to try the primary
> again. So all I'm doing is blocking "secondary mx spam".
>
> Better still, if I remembered the IPs that tried the secondary first, I
> could feed that information into my spam scanning on the primaries - give
> them a few spamassassin points or delay them or something.
>
> So... what's the catch? I can't think of any...


Some servers (I think aol was one) tries the first found MX regardless of
priority. I have seen this myself. DNS does roundrobin for MXs ignoring
the priority.


--
Lab tests show that use of micro$oft causes cancer in lab animals