On Saturday, June 30, 2012 09:12:59 PM Michael J. Tubby B.Sc G8TIC wrote:
> Chris,
>
> While your idea is interesting its not necessarily scalable, I have 800+
> domains each with 1-1000 addresses...
Absolutely. This solution is definitely not meant for that kind of scale.
For the kind of scale you're dealing with, one of the things I've done in the
past is email routing via LDAP lookups and then using several multi-master
LDAP servers that keep each other in sync, and where the respective local
email administrators update their local LDAP server for the domains they
control. This solution makes the general assumption that you can trust the
other admins though, so it might be a solution relegated to a single
organization and it's subsidiaries.
It think it's interesting to consider whether this kind of thing could
possibly be used cooperatively between organizations, though. It's not
unheard of even in large multi-organizations for there to be a combined email
solution. [I remember reading about a large Exchange solution used by Ford
Motor Company combined with others, which really sounded like trouble to me.]
> I use recipient verify, i.e. I call out to the next hop host and verify
> the recipient. The host is usually present, however if it is not
> contactable then I default to accepting the mail and queuing it. This
> means there's a slightly higher chance of them getting spam (backscatter
> spam) while their host is offline.
Yes, although your mail server(s) will be serving the backscatter spam when
that inevitably happens. That's what happened to me when I tried using this
solution, and that's why I didn't like it. :-/ Unfortunately there were
several service interruptions on the mail servers for relay domains which
forced me to come up with some kind of solution.
> I think this compromise is acceptable and avoids me having to know my
> clients' email addresses.
Having to know and/or deal with your clients' email addresses isn't a fun
thing, but backscatter spam is worth trying to avoid if possible.
-- Chris
Chris Knadle
Chris.Knadle@???