[Gllug] Rejecting mail at backup MX

Jack Bertram jack at jbertram.net
Tue Feb 17 11:00:27 UTC 2004 

* Alistair Mann <alistair at lgeezer.net> [040217 10:39]:
> Thus spaketh Bruce Richardson on Wednesday 11 February 2004 1:18 pm:
> > On Tue, Feb 10, 2004 at 08:36:15PM +0000, Alistair wrote:
> 
> > > What you seem to be suggesting is that you use backups and primaries as a
> > > single zone where everyone legitimate is "local".
> >
> > No, I'm not.  What you are trying to do is describe my way of doing
> > things in your very arbitrary and (imo) entirely bogus terminology.
> 
> I notice that Jack was the original OP, not you: my apologies for that as I've 
> been responding as if he were you...

I'm an "original original poster"? :)

> 
> Paraphrased, Jack asked: "How can I stop the backup MX from accepting mail for 
> users that don't exist on the primary server?". He elaborated that LDAP would 
> be 'overkill' on a 'small system'.

Yes.

> Arbitrarily and bogusly, I've admined small mail systems for some time. My 
> experience has been that backups see very little mail going through them, 
> compared to the primary and that backups in small systems deliver mail 
> onwards to the primary. 

But the mail that backups see is usually spam...

> This is not to assert this is the only way of 
> handling things: it isn't (though I can see how what I wrote might be taken 
> that way). It's not to assert that anyone who handles things differently is 
> 'wrong'; it isn't to suggest that this is how google or hotmail do things -- 
> I'm sure they don't. 
> 
> It's to say that in my view of his situation, it is acceptable for a backup to 
> accept all properly addressed mail on behalf of that unavailable primary (ie, 
> act as a mail relay), and that MX order is a viable way of presenting it to 
> the world.

I agree that it's acceptable - of course, it does mean that my backup
mail queue is permanently full of 50-100 messages which periodically get
rejected from the primary mail server and 50-100 NDRs which periodically
get rejected from the mail server of forged origin.

After starting this (rather violent!) discussion and observing the
relative arguments with interest, I think that I am going to go for
synchronising recipient maps as per Jason's description.

cheers,
jack

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list