> > Setting up a secondary MX server means having a second box, not creating a
> > second instance on the same server.  If you have a hardware failure or
> > someone unplugs the ethernet by mistake, you will not receive any mail.
>
> Mike is looking for a 'virtual secondary MX server' to test the theory
> that spammers target secondary MXs, not for hardware fall-back.
> So having a second instance of sendmail on the same box will work for
> this (provided that he assigns it a different IP address).

Exactly.

> As another poster stated, use DaemonPortOptions to set the listen-on
> addresses. Note that you'll have to set it in -both- the primary and
> the secondary configs to restrict each one to its respective interfaces.
> Make sure that the primary grabs the real network IP & the loop-back
> addr.
>
> > It's probably a bad idea to automatically feed anything into sa-learn.
> [snip..]
>
> I agree with this whole-heartedly. It's pretty trivial to set up a
> 'program' mailer delivery agent to take all mail matching a particular
> criteria and feed it into a program such as "sa-learn --spam" but
> without human verification you're setting yourself up for a fall.
>
> What if your primary daemon got choked up or died for -any- reason?
> (program bugs do happen ;). Then everybody in the world would feed
> their messages to your secondary MX and it would all get learned as
> spam. ;(

I didn't quite think it out that far. Duh. I'm used to having a single MX,
and mail queueing at the sending end.

> What you could do would be to set up your virtual secondary MX, feed
> it thru SA in the normal method, create a SA rule that would look for
> the secondary MX's address in the headers and add a few points to
> the score as a more-probable spam. (or add a header that could be
> used to route the messages into a 'holding bin' to be manually looked
> over).

Sendmail's mailertable should invoke before the local mailer, so if that's
the case, it could queue mail from the real instance of Sendmail for
delivery when the real daemon is available, and real mail wouldn't get
learned. But, your way is safer.

Mike Jackson
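
The following is an added example, not part of the original thread or of SpamAssassin: a Python sketch of the triage the quoted suggestion describes, where mail that arrived through the secondary MX gets extra points and is held for manual review instead of being fed to sa-learn. The hostnames, scores, threshold, and the assumption that only the topmost Received header is written by our own server are all hypothetical.

```python
import re
from email import message_from_string

SECONDARY_MX = "mx2.example.com"  # assumption: name the secondary instance stamps
TRUSTED_HOPS = 1                  # assumption: only the top Received line is ours
EXTRA_POINTS = 2.0                # "a few points" for arriving via the secondary

BY_RE = re.compile(r"\bby\s+([A-Za-z0-9.-]+)", re.I)

def via_secondary(msg):
    """True if a Received header written by our own server names the secondary MX.

    Received lines further down are supplied by the sender and can be forged,
    so only the topmost TRUSTED_HOPS headers are inspected.
    """
    for hop in (msg.get_all("Received") or [])[:TRUSTED_HOPS]:
        m = BY_RE.search(hop)
        if m and m.group(1).lower().rstrip(".") == SECONDARY_MX:
            return True
    return False

def triage(raw, base_score, threshold=5.0):
    """Return (score, disposition); no disposition ever triggers auto-learning."""
    msg = message_from_string(raw)
    if not via_secondary(msg):
        return base_score, "spam" if base_score >= threshold else "deliver"
    score = base_score + EXTRA_POINTS
    # Below threshold it may be real mail sent while the primary was down:
    # park it for a human instead of learning it as spam.
    return score, "spam" if score >= threshold else "hold-for-review"

# Constructed sample messages (not real traffic).
VIA_MX2 = (
    "Received: from sender.example.net (sender.example.net [198.51.100.7])\n"
    "\tby mx2.example.com with ESMTP; Mon, 1 Jan 2007 00:00:00 +0000\n"
    "From: a@example.net\nSubject: hello\n\nbody\n"
)
FORGED = (
    "Received: from sender.example.net (sender.example.net [198.51.100.7])\n"
    "\tby mx1.example.com with ESMTP; Mon, 1 Jan 2007 00:00:00 +0000\n"
    "Received: from nowhere by mx2.example.com; Mon, 1 Jan 2007 00:00:00 +0000\n"
    "From: b@example.net\nSubject: hello\n\nbody\n"
)

if __name__ == "__main__":
    for name, raw in (("via secondary", VIA_MX2), ("forged lower hop", FORGED)):
        print(name, triage(raw, 1.0))
```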
