Author: Drav Sloan Date: To: Ken Price CC: exim-users Subject: Re: [exim] Is a secondary MX worth the effort? CONCLUSION
Ken Price wrote: > Yes. A secondary MX is worth the added maintenance and configuration
> headache if the costs of doing so make sense. Obviously various risk
> management and business requirements are factored into that equation
> which only you [or your business] can answer. All things being equal,
> however, the ability to take control away from the sending mail server
> and place it in your hands is worth the effort.
I personally believe they are not. Backup MXes are often the biggest
hit in terms of spam bombs, dictionary attacks and so forth (due
to the fact that in a lot of cases the secondary has no "user level
awareness"). I personally prefer putting the redundancy in a different
place, such as load balancing - this means you have the same
redundancy, but do not have the logistics of a backup MX that can
often get more traffic than the primary servers. It also avoids the
issues such as qmail that would continue to retry your backup MX
if it returned a 4xx series error, regardless of the primary mail
servers state.
> Sticking to the nature of this post, a defer-only 4xx secondary is
> just about useless. Sure, you can use it in a SPAM honeypot fashion
> to help reduce load on your primary, but I see *ZERO* value when the
> primary is down. An intelligent secondary is the only way to go if
> you determine a secondary MX is required.
I disagree. It is a quick snap to move a "intelligent secondary"
config into place and restart the exim daemon. Then you have a
"working" secondary when your primary dies (!).
> In my situation, I have a pre-configured "Disaster Recovery" server
> which already has a real-time, fully replicated [via VPN] copy of my
> production MySQL server - so I already have all the domain/user data I
> need to do email validation. It's practically sitting idle and would
> make a wonderful secondary MX. Since Exim is already configured on
> that box to take over primary MTA responsibilities, I'll be using
> Postfix instead of going through the hassle of running multiple Exim
> instances, but all MX functionality will be identical.
Load balance the server, it also means you can distribute your load
if you have a smarter load balancer. You can also quickly remove
the host from service when it "dies", as opposed to having to update
DNS to remove the MX host from service. This also (depending on the SOA
of your domain) could be days before the record stops being used
by the internet. Plus you also have the problem of older M$ hosts
which cache DNS regardless of the lack of the records and higher
serials in circulation. Which continue to try old "unavailable"
MX records.
I've worked for a few ISPs now, and in my experience they are far more
hassle than they are worth.