Ken Price wrote: > Yes. A secondary MX is worth the added maintenance and configuration > headache if the costs of doing so make sense. Obviously various risk > management and business requirements are factored into that equation > which only you [or your business] can answer. All things being equal, > however, the ability to take control away from the sending mail server > and place it in your hands is worth the effort.
I personally believe they are not. Backup MXes are often the biggest hit in terms of spam bombs, dictionary attacks and so forth (due to the fact that in a lot of cases the secondary has no "user level awareness"). I personally prefer putting the redundancy in a different place, such as load balancing - this means you have the same redundancy, but do not have the logistics of a backup MX that can often get more traffic than the primary servers. It also avoids the issues such as qmail that would continue to retry your backup MX if it returned a 4xx series error, regardless of the primary mail servers state. > Sticking to the nature of this post, a defer-only 4xx secondary is > just about useless. Sure, you can use it in a SPAM honeypot fashion > to help reduce load on your primary, but I see *ZERO* value when the > primary is down. An intelligent secondary is the only way to go if > you determine a secondary MX is required. I disagree. It is a quick snap to move a "intelligent secondary" config into place and restart the exim daemon. Then you have a "working" secondary when your primary dies (!). > In my situation, I have a pre-configured "Disaster Recovery" server > which already has a real-time, fully replicated [via VPN] copy of my > production MySQL server - so I already have all the domain/user data I > need to do email validation. It's practically sitting idle and would > make a wonderful secondary MX. Since Exim is already configured on > that box to take over primary MTA responsibilities, I'll be using > Postfix instead of going through the hassle of running multiple Exim > instances, but all MX functionality will be identical. Load balance the server, it also means you can distribute your load if you have a smarter load balancer. You can also quickly remove the host from service when it "dies", as opposed to having to update DNS to remove the MX host from service. This also (depending on the SOA of your domain) could be days before the record stops being used by the internet. Plus you also have the problem of older M$ hosts which cache DNS regardless of the lack of the records and higher serials in circulation. Which continue to try old "unavailable" MX records. I've worked for a few ISPs now, and in my experience they are far more hassle than they are worth. Just my 2ps worth. Regards Drav. -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
