> Normally, primary and secondary MXs are different, separate, servers, running > their own mail server; this is a non-issue in that case. You are apparently > just using multiple IPs on the same mail server.
Yup — which is useful for other reasons (some of the spam filtering stuff doesn’t have a shared datastore in mysql for things like Gordon’s comeagain filter). > But its doubtful that this is going to achieve much. Given high enough > volume, random DNS and routing gremlins will ensure that some percentage of > non-junk email will hit your backup MX; given that, and the fact that some > junk mail sources will try primary MXs first, and others will try secondary > MXs first, you wouldn't be able to draw any conclusions anyway. That’s why I’m curious to log this. Ideally, I’d actually run three different priority MX hostnames all on the same server. Without any filtering, all three IPs would equally except stuff, and I should see all the traffic flowing to the highest priority (lowest numbered) mx. The theory that spammers go for the lowest priority (highest number) MX would be easiest enough to check if courier logged the IP — even if just statistically probable that spam goes there, along with some ham, that’s useful info. SpamAssassin, for example, could be more sensitive in that case. (Actually, that’s another really good argument for having the IP: if the primary MX is up, but you’re connecting to the secondary MX, then I want to hit that message with a non-RFC compliant penalty in the scoring — which in practice is more easily done by tweaking down the allowed spam threshold.) If I were able to log the IP of the inbound connection, my guess is, based on what I’ve seen so far and read elsewhere, that there is some modest but still worth-it gain in having a highest priority MX that outright rejects connections (but with the ability to whitelist some senders, in case of having important email coming from a non-RFC-compliant server), a middle priority MX that acts as normal (I’ve found a huge win with using the comeagain filter in combination with spamassassin scores above 1.5 — selective comeagain — I sent Gordon a patch for this), and a lowest priority MX that always 429 rejects email. What I’d like to do is be able to log the connection IPs to get some quantitative numbers around this. -J ------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
