[Gllug] Rejecting mail at backup MX

[Jason Clifford]

On Fri, 13 Feb 2004, Nix wrote:

> >                                    I just use recipient callout, where
> > the mailer connects to the destination system and does this:
> > 
> > 	helo exim.box
> > 	mail from: alleged.sender at alleged.source
> > 	rcpt to: recipient at domain.org
> > 
> > and rejects the mail if the end system rejects it.
> 
> Er, isn't this what every single relaying MTA on the planet does? :)

No because most relaying MTA's do not connect to the primary MX (or next 
preference MX as apporpriate) until after it has accepted and queued the 
message.

Bruce's scheme involves connecting to the primary (or next) MX from the 
backup MX immediately upon receipt of the RCPT TO from the sending host.

When everything is working well this means that Bruce's backup MX 
system(s) will not accept email for any recipient that would have been 
rejected by the connection had it been made to the primary (or next) MX 
server instead of the backup.

See my previous posts in the thread for my concerns re this scheme and my 
thoughts on how to implement similar levels of protection.

Jason Clifford
-- 
UKFSN.ORG		Finance Free Software while you surf the 'net
http://www.ukfsn.org/	   ADSL Broadband from just £23.75 / month 

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug