|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Spammers going to secondary MX
From: Alexander Hoogerhuis (alexh
ihatent.com)
Date: Wed Mar 10 2004 - 06:06:53 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Robert Fitzpatrick <robertwebtent.com> writes:
> I have Postfix 2.0.16 serving as a gateway (transports) doing
> SpamAssassin filtering and clamd. BTW, the whole setup was a breeze on
> my FreeBSD 5.2.1 using the ports collection. I have the gateway setup as
> the higher priority MX and the actual mail server as the lower priority
> for backup. The problem is, and I'm sure you've seen this in the past,
> spammers sending directly to the secondary MX record, bypassing my
> Postfix gateway. What are users doing about this? Is there a way to
> force mail through the higher MX or are most people just setting up a
> second gateway as backup instead?
>
There is also one more issue that could slam you nicely here. Imagine
you have a scenario where you have two able servers as equally
weighted primaries, and then you have your ISPs relay host lsited as
your third MX. What will normally happen is that the spammers iterate
through the list of MX'es and end up with your ISPs relay host that
will queue it and then try to deliver it to you; now that the mail has
been handed off and is queued, your ISP will in many cases try to
redeliver whatever piles up in their end (usually a three day backlog,
anything older getting dropped), which can in some cases consume
pretty nice amounts of resources at your end. At one one site I had a
look through they had a daily amount of ~20k spams, and thus the ISPs
server was trying to deliver about 60k spams every so often...
My favourite policy is to be tidy in what my customers put out on the
net, and the open about what you accept; usually run something like
amavisd-new/SA and dump mail above a pretty high score, tag below and
let the users Exchange-server use rules to move mail into folders in
the user mailboxes on reception.
> --
> Robert
mvh,
A
--
Alexander Hoogerhuis | alexhihatent.com
CCNP - CCDP - MCNE - CCSE | +47 908 21 485
"You have zero privacy anyway. Get over it." --Scott McNealy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]