Fallback mailserver

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Fallback mailserver

Wim Groen
Hello,

At the moment I've got the following situation for all our domains:
DNS:
Mx1.mydomain.com MX 20
Mx2.mydomain.com MX 20

Now I want to make a fallback mailserver with Postfix. I want to add a
MX record:
Fallback.mydomain.com MX 100

I want to configure the fallback server to accept mail only when
fallback.mydomain.com is returned in a MX lookup. Is that possible?

Hope you guys can help me out.

Kind Regards,

Wim
Reply | Threaded
Open this post in threaded view
|

Re: Fallback mailserver

Magnus Bäck
On Thursday, July 10, 2008 at 09:54 CEST,
     Wim Groen <[hidden email]> wrote:

> At the moment I've got the following situation for all our domains:
> DNS:
> Mx1.mydomain.com MX 20
> Mx2.mydomain.com MX 20
>
> Now I want to make a fallback mailserver with Postfix. I want to add a
> MX record:
> Fallback.mydomain.com MX 100
>
> I want to configure the fallback server to accept mail only when
> fallback.mydomain.com is returned in a MX lookup. Is that possible?

What do you mean? fallback.example.com is always returned in the MX
lookup.

Anyway, I think I know where you're going. You want your backup MX to
accept email only when the primary MXes are unavailable. But how would
you know when they're unavailable to the clients?

If you must have a backup MX -- it's no longer considered a best
practice -- it must be available at all time, it must keep recipient
lists so that backscatter can be avoided, and it should (for you own
good) implement the same antispam policies as the primary MXes.

--
Magnus Bäck
[hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Fallback mailserver

Wim Groen


Hello Magnus,

I mean the following:

For example lets take 2 domains:
Mydomain.com: DNS:
Mx1.mydomain.com MX 20
Mx2.mydomain.com MX 20
Fallback.mydomain.com MX 100

Test.com DNS:
Mx1.test.com MX 20
Mx2.test.com MX 20

Now when somebody sends an email to @mydomain.com and mx1 and mx2 are down the message will be delivered to the fallback. Because I don't want to have a open relay I want to configure the fallback so he will do a MX lookup and when fallback.mydomain.com is a MX record he accepts the message.

So when the message for mydomain.com is accepted at the fallback the fallback will hold the message until mx1 and mx2 are up. When somebody wants to send a (spam)message threw my fallback server the MX loopup fails and he will bounce the message.

I only add the fallback mx record to our domains so other domains can't send with the fallback server. Is this possible?

I hope you get what I mean.

Thanks for the help!

Wim

-----Oorspronkelijk bericht-----
Van: [hidden email] [mailto:[hidden email]] Namens Magnus Bäck
Verzonden: donderdag 10 juli 2008 10:17
Aan: [hidden email]
Onderwerp: Re: Fallback mailserver

On Thursday, July 10, 2008 at 09:54 CEST,
     Wim Groen <[hidden email]> wrote:

> At the moment I've got the following situation for all our domains:
> DNS:
> Mx1.mydomain.com MX 20
> Mx2.mydomain.com MX 20
>
> Now I want to make a fallback mailserver with Postfix. I want to add a
> MX record:
> Fallback.mydomain.com MX 100
>
> I want to configure the fallback server to accept mail only when
> fallback.mydomain.com is returned in a MX lookup. Is that possible?

What do you mean? fallback.example.com is always returned in the MX
lookup.

Anyway, I think I know where you're going. You want your backup MX to
accept email only when the primary MXes are unavailable. But how would
you know when they're unavailable to the clients?

If you must have a backup MX -- it's no longer considered a best
practice -- it must be available at all time, it must keep recipient
lists so that backscatter can be avoided, and it should (for you own
good) implement the same antispam policies as the primary MXes.

--
Magnus Bäck
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Fallback mailserver

Magnus Bäck
On Thursday, July 10, 2008 at 10:37 CEST,
     Wim Groen <[hidden email]> wrote:

> I mean the following:
>
> For example lets take 2 domains:
> Mydomain.com: DNS:
> Mx1.mydomain.com MX 20
> Mx2.mydomain.com MX 20
> Fallback.mydomain.com MX 100
>
> Test.com DNS:
> Mx1.test.com MX 20
> Mx2.test.com MX 20

Please use the reserved example.com, example.net etc domains instead of
mydomain or something else you've made up.

> Now when somebody sends an email to @mydomain.com and mx1 and mx2 are
> down the message will be delivered to the fallback.

Correct. You'll also see many spammers connecting directly to the
fallback server.

> Because I don't want to have a open relay I want to configure the
> fallback so he will do a MX lookup and when fallback.mydomain.com
> is a MX record he accepts the message.

But fallback.mydomain.com is *always* an MX record for mydomain.com.
Unless, of course, you modify the DNS zone when the primary MXes are
down, but that would be ridiculous.

This has nothing to do with open relay. An open relay is a relay that
relays from any client to any destination. A backup MX that relays to
the primary MXes of your owns domains is not an open relay.

> So when the message for mydomain.com is accepted at the fallback the
> fallback will hold the message until mx1 and mx2 are up. When somebody
> wants to send a (spam)message threw my fallback server the MX loopup
> fails and he will bounce the message.

No, forget it. I repeat what I said in my first message in the thread:
A backup MX must implement recipient validation and must have the same
spam countermeasures as the primary MXes. If you can't follow these
principles you're better off without a backup MX.

[...]

--
Magnus Bäck
[hidden email]