On Fri, 2015-02-13 at 11:04 -0600, Les Mikesell wrote: > I'd recommend not having a secondary MX at all unless it is equipped > to reject invalid users and spam in all the same ways as your primary. > Otherwise it accept junk that your primary rejects and then you are > obligated to send a bounce message which is always a bad thing - you > want the authoritative receiver to reject at the smtp level instead of > accepting at all. There's a whole category of spam where the real > target is the apparent sender where a bounce will go. Also anything > sending valid mail should be prepared to queue and retry on temporary > failures just as well as your own secondary would. On some domains I have 3 MXs - primary, secondary and tertiary - all share exactly the same coding, configuration and reporting. Absolutely no sense is weakening security for any MX although some spammers think the highest numbered MX is the weakest ! -- Regards, Paul. England, EU. Je suis Charlie.