Les Mikesell wrote: > On Tue, 2006-06-20 at 15:02 -0500, israel.garcia at cimex.com.cu wrote: > >> even more details: >> >> 1. I use Mailscanner/postfix in the 3 MX's servers. >> 2. Using dig I get exactly the same of what I have in my bind server. >> 3. http://dnsreport.com/ reports no problem at all. >> > > Does the 'mail test' give you back the same MX servers you > see locally with the same values? If so you must have some > connectivity problem or there are cached records with different > values stored somewhere. Legitimate mailers should always attempt > to connect to the lowest value first and only try the next after > a failure. > > I've run a backup mailserver for four or five years now. This is common for several reasons. Basic connectivity issues.. a little slow or whatever... server loads or mail processes.. if you have any limit set for the number of allowed processes.. but, the single biggest reason is spam. Spammers will send directly to the backup system, knowing in most cases they are dumb machines (so to speak) and will more likely receive the mail.. and then your main mailserver will be more likely to receive mail from your own backup system.. A backdoor in so to speak. A very good idea by spammers. I recently moved my backup mailserver to a new IP address... about 3 months ago. The old backup mailserver is still getting pounded with mail destined for what it used to relay to the main server. This is absolute proof the DNS has nothing to do with this practice. It is not so easy to provide a proper setup for a backup mailsystem.. and is more complex in a hosting environment. A lot of domains to deal with. I wouldn't worry too much about the fact that some mail is making it to the backup systems and in fact just praise myself for that part working.. and then get on with the business of dealing with how to stop it when it shouldn't go there.. which will require some other avenue. It's also important to stop that spammer technique, as once the mail makes it to the main mailserver.. if the user doesn't exist, you'll be sending a return message back from you main mailserver to an address that doesn't exist.. and this is deemed spam itself by many (although I disagree).. and you may find your system on some of the blocklists out there. Best, John Hinton