[Wolves] Couple more mail questions

Andy Smith andy at lug.org.uk
Sat Nov 4 16:57:19 GMT 2006


On Sat, Nov 04, 2006 at 01:23:41PM +0000, Wayne Morris wrote:
> If you run two mail servers, one main + one backup and mail is received 
> at the backup then would I be right in thinking that the
> backup receives ALL mail for the domain ie AAAA at domain.com thru 
> ZZZZ at domain.com including mail to valid usernames.
> Then when the time comes for A to receive the mail from the backup, it 
> rejects all but valid users leaving the backup to send reject emails 
> back to the originator.
> However, if the originators mails were spoofed, you end up with a load 
> of frozen bounces on you system?
> This is the way I understand it, anyway around it?

Yes, and you are advised to find a way around it as spammers often
skip the primary MX going straight for the backups on the (often
correct) assumption that they have less stringent antispam measures.

Basically you either need to find a way to export the list of valid
recipient addresses to the backup server(s), or else make the backup
server(s) query the primary one to establish if the recipient is
valid.

Exim can easily do the latter if you enable recipient verification
callouts.  During the SMTP conversation with a sending host, as soon
as it issues the RCPT command to say who is to be receiving the
email, Exim will connect to the next hop along to do the same.  If
the next hop says no then Exim will say no, and the conversation is
aborted before any mail is accepted.  If the next hop says yes, or
it times out, then Exim accepts and caches this fact.

Of course, if the primary server should die then your backup(s) will
start accepting all mail, but this should hopefully be a very rare
event.

> 
> Second Q, is there an easy way of migrating mailboxes from one system to 
> the other or better still having a live copy of both on each box -
> only a handfull of users.

You could keep the mailboxes on a networked filesystem and get users
to use IMAP to each of the multiple mail store machines.

Cheers,
Andy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.lug.org.uk/pipermail/wolves/attachments/20061104/7c64a9b7/attachment.bin


More information about the Wolves mailing list