> i usually have my backup MX accept everything and then don't treat > them specially on the primary. thus, policy is still enforced on the > primary, but there is a proper backup path *under my control* should > the primary be unreachable for whatever reason.
With this approach you can't bounce RBLed messages at SMTP connect time
though, right? (I realize that RBLs are semi-controversial, especially at
the ISP level.)
We recently dropped our secondary MX as it was just being abused to get
spam past the RBLs on our primary. (I.e. _no_ valid mails were being
delivered through the secondary MX.) The secondary MX was not under my
direct control which complicated matters a little as then I could not even
attempt to make the policy the same on the secondary as it was in the
primary.
Thanks,
Dale
--
Dale E. Martin - [EMAIL PROTECTED]
http://the-martins.org/~dmartin
pgp key available
signature.asc
Description: Digital signature
