On 15/02/2012 12:51 PM, Trent W. Buck wrote:
FYI,
$ dig mx cyber.com.au +short 10 null-mx.cyber.com.au. 20 mail.cyber.com.au. 30 exetel.cyber.com.au. 40 tarbaby.junkemailfilter.com.
First one has --dport smtp -j REJECT. Second is the "real" MTA, third is the same thing via backup DSL line. Fourth is a tarpit.
That, greylisting and DNS RBLs are enough that I don't bother to parse message payloads (except for a few "problem" users, who get crm114).
That's quite clever, but it looks to me that it will add too many points of potential failure for legitimate mail. I have never ran a secondary MX -- the normal retries of any modern mail server take care of any transitory problems due to minor server outages (connectivity is the most likely problem). I figure if it isn't a proper mail server sending the message to you or they don't have a suitable retry queuing going on, then a person will usually re-send an email later or at least make contact some other way. It bugs me that I need to make greylisting exceptions for the big boys whom won't resend from the same IP address every time; their mail queues are handled by multiple machines with multiple public IP addresses. -- Kind Regards AndrewM