[HLUG] Exim 4.50 on Debian 3.1 external greet_pause?

John Hedges john at drystone.co.uk
Tue Jan 30 09:43:11 GMT 2007


Hi Andrew

[snip]
> >> Your configuration is interesting in that you are leveraging the
> >> secondary MX as a mail queue. In many ways, I prefer it to mine which is
> >> a primary MX on a permanently connected VM with mailboxes and either
> >> IMAP direct to that host, or fetchmail for distribution into mailboxes
> >> on a lan server. Either way, I rely on some sort of polling with IMAP or
> >> POP3. However, you have two sets of ACLs to keep in sync and the
> >> necessity to route inbound SMTP through your firewall.
> 
> The latter is trivial surely, and there aren't really many ACLs on the secondary (I had Mailhop, costing around £15 per year, and there is nothing to configure).

[snip]

> >> Why don't you make your secondary MX your primary? It would always spool
> >> when it couldn't forward to your home and you'd only need one set of
> >> ACLs (plus a very simple one on your home server to allow SMTP only from
> >> your mail server and lan). This would give you the same functionality,
> >> would make more sense primary/secondary-wise and would allow you to
> >> tighten your firewall.
> 
> Actually I did this back in 2002 when I was on an ISDN connection.  In that case I used ETRN when the connection was up, because I wanted direct delivery to my domain.  In this case the MX used a configuration whereby it always sent messages to the static IP address, not to the first MX on the list, but this isn't always easy to arrange, so it is worth bearing in mind.
> 
> >I buy my backup MX as a service and have no control over it (it
> >doesn't have any spam/AV controls on it) so I have to implement those
> >anyway on my primary and I might as well allow connections from any
> >sender as I have to deal with all the email on that machine anyway.
> >To be honest I am thinking in the future of having a primary sitting
> >in a permanently connected VM just so I can read new email without
> >having the machine turned on at home, but conversely I would keep the
> >backup in case of outages (the backup MX service costs peanuts).
> 
> As I said, the main reason for ditching it here is due to the bounces which I see (I see the rejection log in Sendmail so I know what is being returned to users).  I have also kept a low spec machine on 24x7 at home for years, so it's pretty much taken as read now.

This is really what I'm getting at. A secondary MX without proper ACLs
is a nuisance. Spammers will regularly use a secondary MX, either
directly or because the primary rejects their mail. If you accept mail
regardless, onto any mail server, you are doing spammers a service by
allowing them to deliver. What's more, you cause a lot of backscatter
when you finally process the message, discover it's spam and send
failure notifications to forged, innocent people's email addresses.

You are right to ditch your backup unless it's configured with ACLs that
are kept roughly in sync with your primary. I know it's not a huge
amount of work, but, in my opinion, it's just not worth the effort as
the mechanism already exists for senders to resend on the rare occasion
when your mail server fails ... sorry if I'm going on a bit :)

Cheers

John
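Added illustration, not from the thread or from either poster's setup: an Exim ACL fragment of the kind John is describing for a secondary MX, which checks each recipient against the primary at SMTP time (a recipient callout) instead of accepting everything and bouncing later. The domain `example.com`, the host `mail.example.com` and the list name `relay_to_domains` are assumed placeholders.

```exim
# Main section: domains this host backs up, and which ACL runs at RCPT time.
domainlist relay_to_domains = example.com
acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:

  # Refuse relay for anything we are not a backup MX for.
  deny    message  = relay not permitted
         !domains  = +relay_to_domains

  # Before accepting, ask the primary (reached through the router below)
  # whether this recipient exists.  Unknown users are rejected here, in
  # the SMTP dialogue, so no bounce is ever generated to a forged sender.
  # defer_ok: if the primary is unreachable, accept and queue, which is
  # the backup MX's job.
  require message  = unknown recipient
          verify   = recipient/callout=30s,defer_ok

  accept

begin routers

# Everything for the backed-up domains goes to the primary; the callout
# above uses the same route to find the host to ask.
to_primary:
  driver     = manualroute
  domains    = +relay_to_domains
  route_list = * mail.example.com
  transport  = remote_smtp

begin transports

remote_smtp:
  driver = smtp
```

Whatever spam or AV checks the primary applies in its own ACLs would still need to be mirrored here for the secondary to reject on the same grounds; the callout only keeps the recipient list in sync.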


