Re: virus scanning
On Mon, 16 Feb 2004 14:18, Josip Rodin <firstname.lastname@example.org> wrote:
> On Mon, Feb 16, 2004 at 01:57:12PM +1100, Russell Coker wrote:
> > > Hey, I know all about it. Even when people don't do it entirely
> > > wrongly, they can still screw up. Various yahoo.tld mail servers don't
> > > reject invalid recipients at RCPT stage but at DATA. (I highly doubt
> > Unless you're doing call-outs then rejecting at the DATA stage is OK.
> I am doing callouts, but they'd still be getting stuck in my queues even
> if I wasn't. They'd be getting stuck with all the other stuff that callouts
> avoid, though.
If a 550 is sent then it should not be stuck in your queues, it should be
> > > > If so why not just have a SMTP proxy on the MX secondary which passes
> > > > all data through to the primary if it's available, and sends it
> > > > locally for queuing otherwise?
> > >
> > > Ahm. That's basically what a secondary MX usually does, you know. :)
> > No. Secondary MX's usually receive the mail, queue it, and then send it
> > on if possible. They don't just open a TCP connection to the primary and
> > pipe the data through unchanged.
> There's not much negative difference (a small delay, a small resource
> usage), and the advantage of not bothering the primary MX is lost, so I
> don't see much reason to prefer that.
The negative difference is that it forces you to have the same configuration
in terms of valid recipients and virus/spam filters for both the primary and
secondary to avoid sending the unwanted bounces to innocent victims that
started this thread!
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page