Hi Jakob,
On Wed, 16 Jun 2010, Jakob Hirsch wrote:
>>> relays was blocked on my mailserver because it connected to the second
>>> MX without trying the first one before...
>>
>> For the reasons that Heiko and Graeme gave, I would strongly recommend
>> against blocking anyone on this basis. (i.e. there could have been a
>> temporary problem when they tried to contact your primary, so you might
>> not have knowm that they tried).
>
> The things said about such a setup do not apply here. As I wrote, the
> two MXs resolve to IPs ending up on the same host. They are even
> connected via the same physical network. Even in the very unlike case
> that there is a transient problem at the time of the connection attempt
> to the first address, which does not exist at the time of second
> attempt, the delivery will be retried again, multiple times.
How do you know whether or not they tried and failed to connect to the
primary MX before hitting the backup?
If you block them, as you said above, then what does it matter how many
times they retry?
Cheers, Chris.
--
_ ___ __ _
/ __/ / ,__(_)_ | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
\ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |