In a world where most MTA's will retry a message up to 5-7 days, is a
secondary MX worth the added maintenance and configuration headache?
I have a primary datacenter in Atlanta where I have a small load
balanced cluster of MTA's. I also have a disaster recovery site
located in Dallas which can be used should Georgia fall into the
Atlantic. Theoretically, a cheap secondary MX located in - say
Seattle - would ensure that any email sent during major outages which
are less than catastrophic (5 minutes - 5 days) would be spooled and
delivered once the primary comes back up. I say "less than
catastrophic" meaning that my data center and core infrastructure
still exist, but maybe all my hard drives in all my mail servers
decide to spontaneously fail.
I understand that all anti-spam measures (spamassassin, greylisting,
etc) would have to be duplicated on the secondary MX to keep it from
becoming a SPAM relay for my domains.
I find myself completely torn. Can anyone give me their reasons for
using a secondary ... or not using?
Oh, btw. This is a small hosting provider setup with ~2000 domains
and ~100,000 msgs/day.
Thanks!
Ken
