[CentOS] Mailers and records MX

Wed Jun 21 02:35:00 UTC 2006
John Hinton <webmaster at ew3d.com>

Les Mikesell wrote:
> On Tue, 2006-06-20 at 15:02 -0500, israel.garcia at cimex.com.cu wrote:
>   
>>  even more details:
>>
>> 1. I use Mailscanner/postfix in the 3 MX's servers.
>> 2. Using dig I get exactly the same as what I have in my bind server.
>> 3.  http://dnsreport.com/ reports no problem at all.
>>     
>
> Does the 'mail test' give you back the same MX servers you
> see locally with the same values?  If so you must have some
> connectivity problem or there are cached records with different
> values stored somewhere.  Legitimate mailers should always attempt
> to connect to the lowest value first and only try the next after
> a failure.
>
>   
I've run a backup mailserver for four or five years now. This is common 
for several reasons. Basic connectivity issues.. a little slow or 
whatever... server loads or mail processes.. if you have any limit set 
for the number of allowed processes.. but, the single biggest reason is 
spam. Spammers will send directly to the backup system, knowing in most 
cases they are dumb machines (so to speak) and will more likely receive 
the mail.. and then your main mailserver will be more likely to receive 
mail from your own backup system.. A backdoor in so to speak. A very 
good idea by spammers.

I recently moved my backup mailserver to a new IP address... about 3 
months ago. The old backup mailserver is still getting pounded with mail 
destined for what it used to relay to the main server. This is absolute 
proof the DNS has nothing to do with this practice.

It is not so easy to provide a proper setup for a backup mailsystem.. 
and is more complex in a hosting environment. A lot of domains to deal with.

I wouldn't worry too much about the fact that some mail is making it to 
the backup systems and in fact just praise myself for that part 
working.. and then get on with the business of dealing with how to stop 
it when it shouldn't go there.. which will require some other avenue. 
It's also important to stop that spammer technique, as once the mail 
makes it to the main mailserver.. if the user doesn't exist, you'll be 
sending a return message back from your main mailserver to an address 
that doesn't exist.. and this is deemed spam itself by many (although I 
disagree).. and you may find your system on some of the blocklists out 
there.

Best,
John Hinton
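
One way to measure the bounce exposure described in this message, as an added example that is not part of the original post: a Python script that reads Postfix log lines from a backup MX and counts relayed messages the primary rejected as unknown recipients, grouped by the client that handed them to the backup. The log lines, hostnames, queue IDs and addresses are constructed, and the simplified line layout is an assumption modeled on Postfix's smtpd/smtp logging.

```python
import re
from collections import Counter

# Constructed sample log from a backup MX ("mx2"); all names and IPs are made up
# (documentation ranges), and the layout is a simplified Postfix-style assumption.
SAMPLE_LOG = """\
Jun 20 10:00:01 mx2 postfix/smtpd[2101]: 4F1A2B3C: client=unknown[198.51.100.7]
Jun 20 10:00:03 mx2 postfix/smtp[2105]: 4F1A2B3C: to=<nosuchuser@example.com>, relay=mx1.example.com[192.0.2.10]:25, delay=2, dsn=5.1.1, status=bounced (host mx1.example.com[192.0.2.10] said: 550 5.1.1 <nosuchuser@example.com>: Recipient address rejected: User unknown (in reply to RCPT TO command))
Jun 20 10:00:04 mx2 postfix/smtpd[2101]: 4F1A2B3D: client=unknown[198.51.100.7]
Jun 20 10:00:06 mx2 postfix/smtp[2105]: 4F1A2B3D: to=<sales99@example.com>, relay=mx1.example.com[192.0.2.10]:25, delay=2, dsn=5.1.1, status=bounced (host mx1.example.com[192.0.2.10] said: 550 5.1.1 <sales99@example.com>: Recipient address rejected: User unknown (in reply to RCPT TO command))
Jun 20 10:01:10 mx2 postfix/smtpd[2102]: 5E6F7A8B: client=mail.example.net[203.0.113.9]
Jun 20 10:01:12 mx2 postfix/smtp[2106]: 5E6F7A8B: to=<alice@example.com>, relay=mx1.example.com[192.0.2.10]:25, delay=2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9A8B7C6D)
"""

# smtpd line: which client IP handed this queue ID to the backup MX.
CLIENT_RE = re.compile(
    r"postfix/smtpd\[\d+\]: (?P<qid>[0-9A-F]+): client=\S*\[(?P<ip>[^\]]+)\]")
# smtp line: the backup's onward delivery attempt to the primary and its outcome.
DELIVERY_RE = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]*)>, "
    r"relay=(?P<relay>[^,]+),.*? status=(?P<status>\w+) \((?P<detail>.*)\)$")
# Primary's answer for a mailbox that does not exist (5.1.1 = bad mailbox).
UNKNOWN_RE = re.compile(r"\b5\.1\.1\b|user unknown", re.I)

def backscatter_report(log_text):
    """Count mail the backup accepted that the primary refused as 'user unknown'.

    Each such message makes the backup generate a bounce to the (often forged)
    envelope sender, which is the behaviour that gets relays blocklisted.
    """
    clients, relay_attempts, per_client = {}, 0, Counter()
    for line in log_text.splitlines():
        m = CLIENT_RE.search(line)
        if m:
            clients[m["qid"]] = m["ip"]
            continue
        m = DELIVERY_RE.search(line)
        if not m:
            continue
        relay_attempts += 1
        if m["status"] == "bounced" and UNKNOWN_RE.search(m["detail"]):
            per_client[clients.get(m["qid"], "unknown")] += 1
    return {"relay_attempts": relay_attempts,
            "unknown_user_bounces": sum(per_client.values()),
            "by_client": dict(per_client)}

if __name__ == "__main__":
    print(backscatter_report(SAMPLE_LOG))
```

A high share of unknown-user bounces concentrated on a few clients indicates the backup is accepting recipients it cannot validate.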