primary / backup mail server

Bill Campbell linux-sxs at celestial.com
Tue Dec 4 14:37:06 PST 2007 

On Tue, Dec 04, 2007, Vu Pham wrote:
>Recently some incoming email to  my mail servers were delayed from eight 
>hours to several days. I did some research and found the following things:
>
>1. Some emails were from ISP-type mail servers and some of those mail 
>servers were listed as spam servers. Those emails were getting bounced 
>back and finally got to my mail server after their mail servers ' status 
>were cleared from spam servers. ( I am surprise to see many business 
>emails using ISP-type mailserver instead of having their own mail servers ).
>
>2. Some emails were trying to contact the backup mail server instead of 
>the primary one.
>
>For the emails of the second case, why did they try the backup mail 
>server ? Both the primary and backup are in the same network, same 
>communication link from the ISP.

Spammers will often try higher distance MX servers in hopes that they have
less stringent anti-spam filters than the primary's.  If we're going to
configure more than one secondary MX, we put them in at the same distance
as there's no reason to have messages passed between non-delivery MX
servers.  We make sure that the secondaries have the same anti-spam
configuration as the primaries.

Having the secondary MX server on the same network is probably not a Good
Idea(tm) as it doesn't address the problem of a network/router failure.  If
one is going to have any secondary servers, it's best that they be
geographically separated, and that you have some control on the expire time
in case of extended outages (some of the primaries we backup were down for
a week last December due to a power outage so I had to tweak things here to
keep messages around longer).

>Does it mean the link was overloaded so the remote mail servers have to 
>try the backup one ?

That's the theory, but, as I said above, spammers often will try backup MX
servers in hopes of getting through them.  I see connection attempts to MX
addresses that we haven't used in 10 years or more (not to mention
thousands of spam sent to subdomains of ours that were last used when we
provided dialup uucp connections to various organizations here in the
Seattle area.

Bill
--
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

Politicians - card carrying members of the burglars union - like you to
remember, they can reach in your pocket with impunity. -- Ted Roberts

More information about the Linux-users mailing list