Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Backup mail server: Friend or Foe?
  FAQ FAQ  Forum Search   Register Register  Login Login

Backup mail server: Friend or Foe?

 Post Reply Post Reply
Author
sgeorge View Drop Down
Senior Member
Senior Member


Joined: 23 August 2005
Status: Offline
Points: 178
Post Options Post Options   Thanks (0) Thanks(0)   Quote sgeorge Quote  Post ReplyReply Direct Link To This Post Topic: Backup mail server: Friend or Foe?
    Posted: 26 April 2006 at 10:14am

Hi, my domain has a backup mail server, provided by an external company.   My MX DNS record looks like this:

Domain

Type

Class

TTL

Answer

mydomain.com.

MX

IN

900

mail.mydomain.com. [Preference = 10]

mydomain.com.

MX

IN

900

mail.companyx.com. [Preference = 90]


Along with the benefits of having a backup mail server, I'm noticing that it's also causing my domain to receive more spam that it otherwise would...

This is because when we receive incoming mail at mail.mydomain.com - it comes from two sources:

  1. Directly from the SMTP server of the original server
  2. Or relayed from the SMTP server of mail.companyx.com, assumably because my primary mail server was not available for some period of time.

 

When #2 is the case, the i.p. address that SpamFilter sees is a i.p. from companyx.com not from the original sender.  I believe that messages relayed through the backup mail server cripple my ability to effectively scrutinize the messages with several of SpamFilter's important tools:  MAPS lists, i.p. blacklist, Honeypot i.p.s, SPF filtering, and the i.p. blacklist cache.

While my primary mail server runs nearly 100% of every day, most of the spam that my domain receives is through companyx's smtp servers that relay messages to my domain.

Does anyone have any suggestions?  I would love to have a way to scrutinize messages that are relayed by the backup mail server.
 

Thanks so much!

Stephen
Back to Top
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143
Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Posted: 26 April 2006 at 11:01am

sgeorge,

As an ISP, we MUST have a (several) backup server.  BUT, we own all our servers so we install SF on the secondary with a replicated rule set.  Otherwise, any IP based or MAPS based blocking will not work since the primary server allows everything from the secondary.

Having said that, we employ 3 servers for our mail.  Server 1 is the SpamFilter, Server 2 is a relay server that the clients connect to to mail out and SpamFilter relays through that and the 3rd is our Sendmail server which has the boxes on it and is tasked with the final delivery (outbound) of all NON-NDR traffic.  So ... both our primary and secondary SpamFilter send to our relay server and both filter the inbound mail while the relay server filters nothing (except virus checking).

The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Back to Top
sgeorge View Drop Down
Senior Member
Senior Member


Joined: 23 August 2005
Status: Offline
Points: 178
Post Options Post Options   Thanks (0) Thanks(0)   Quote sgeorge Quote  Post ReplyReply Direct Link To This Post Posted: 26 April 2006 at 11:29am
Thanks, that sounds like a good setup.

I like the fact that my backup server is out of my office, but it certainly means that I don't have full control over it and it's junk mail policies.

Stephen
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.070 seconds.