your analysis sorta reminds me of a child trying to get permission from
an adult. It mom says no, then there is always dad. When mom said no
way in hell, amongst (savy) parents that means absolutely no. In a
perfect world, there's no need to ask pop.
But if mom didnt reply ( ie out shopping ) , then the answer from pop
would be binding.
I suppose it all revolves around if u mean that the IP connection
failed, or the SMTP protocol failed would cause another MX record to be
used. My *opinion* is that if the IP connection failed, then another MX
can be tried until a connection is made. If the SMTP protocol failed,
then that answer is suppose to be good for all MX records. No need to
seek out another parent: sort-of-speek.
It would seem that if one server greylisted, then they all should
greylist. Just my *opinion* mind you. As eventually you will find that
the errant spammers will find the hole in your filtering scheme, and not
bother with the lowest, or highest, and just try them all until they get
what they want.
I'm curious as to why they ("people are telling me ") think that their
scheme is appropriate? All I see is that spammers will adapt to try all
MX records, wasting your bandwidth, and server time. And in your case,
having spam processed ( as I suppose, greylist is just the first barrier ).
Marc Perkel wrote:
I'm not a Qmail user. I have a spam filtering operating where I do
front end filtering for about 3000 domains. Many of the servers that
send mail to my filtering network are running Qmail and there seems to
be a problem and I'm wondering if someone can address it. I'm running
Exim myself.
One of my tricks to filter spam is a gray listing like trick that
detects suspicious hosts and returns a temp error on the lowest MX
number. Spammers often don't retry but real email servers would, in
theory, retry the next level up in the MX chain and the secondary
server will accept the email.
Servers that I do this with include servers with no or bad reverse
lookup, Host names with pattens that look like residential machines,
and servers listed in black lists that are not reliable enough to
block, but usually are spammers.
The idea being the but profiling these servers and returning a temp
error (421) on the lower MX that the good servers who would be a false
positive would retry to a different server that would accept it.
But - it seems like servers who are running Qmail only send to the
lowest MX and don't retry the higher MX. Is this so? Or does it apply
only to old versions?
When Exim gets a temp error on the lowest MX it immediately retury all
the IP addresses of the higher MX servers. If they all fail then the
server wait for a period of time and tries them all in order again.
But people are telling me that Qmail is broken on this issue.
So - is this so? Can someone let me know how Qmail works on MX retries?
Thanks in Advance
|