Re: Value of backup MX
On Wed, 10 Nov 2004, Craig Sanders wrote:
> backup MX is obsolete these days, very few people need it (most of
This does seem to be a prevailing opinion but I think backup MXs are
valuable now for the same reason they always were - outages happen. We
have no way of knowing how long a remote MTA will continue attempting to
resend, even if it is following the rules of SMTP. I do not want to lose
mail because a remote admin can't afford to hold mail for very long
(assuming a major issue like a hardware fault).
I do fully support the idea of the backup MXs having the same anti-spam
capabilities as the primary (rsync over ssh can do wonders)
Peered MXs (eg, 2 x MX 10) and dynamic backups which don't just queue mail
but continue to deliver when the primary is down are even better.
> those who *think* they do are just running on ancient & obsolete
> gossip/"common sense" from the days when backup MXes were useful).
> almost all mail these days is delivered by SMTP, and all real SMTP
MXs are hardly useful for mail that is not travelling over SMTP :)
> servers(*) will retry delivery. this works perfectly well without a
> backup MX, and in fact works BETTER without a backup MX.
How does it work _better_ without a backup MX?
> if you do have a backup MX, then you need to have the same anti-spam
> & anti-virus rules as on your primary server AND (most important!) it
I agree with this (as noted above)
> needs to have a list of valid recipients, so that it can 5xx reject
> mail for unknown users rather than accept and bounce them (known as
I disagree with this. I'd sooner not have a backup than use this
strategy. Sounds like a good way to lose new customers.
> btw, backscatter also causes problems for you and your server. many of the
> spam/virus bounces are from undeliverable return addresses, so they end up
> clogging your mail queue for days and slowing the entire system down.
Only if the queue is really huge, honestly.
> having a backup MX that you don't control is a very bad idea.
Yes. Spam aside you are placing much trust in the admins of the backup
MX if you do this.
> if you have one, get rid of it ASAP.
One opinion :) I happen to have a different opinion.
Rob
--
Robert Brockway B.Sc.
Senior Technical Consultant, OpenTrend Solutions Ltd.
Phone: 416-669-3073, Email: rbrockway@opentrend.net, http://www.opentrend.net
OpenTrend Solutions: Reliable, secure solutions to real world problems.
Reply to: