[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

* Florian Weimer <fw@deneb.enyo.de> [030827 19:08]:
> That's why it's better to get rid of generic MX secondaries (IOW
> secondaries which are not under you administrative control).  The
> effect you describe hampers effective anti-spam measures, too.  

It can also help anti-spam measures. They are in my eyes a good solution
for large universities together with a block for incomming smtp-messages
except to one or two central machines beeing backup MX for anything. 
I don't know a better way to close open relays.

> For
> example, you might want to defer a message from a sender whose
> temporarily domain doesn't have any MX (or A) record.  If you do this,
> significant numbers of messages will pile up in the queues of your
> secondary MXes, and their operators won't be happy about that.

This is merely an argument againt badly configured backups or backups
with operations getting sad to fast...

Hochachtungsvoll,
  Bernhard R. Link

-- 
They said: "Smile and be happy, it could become worse."
And I smiled and was happy. And it became worse.
Reply to: