Hi, my domain has a backup mail server, provided by an external company.   My MX DNS record looks like this:

Along with the benefits of having a backup mail server, I'm noticing that it's also causing my domain to receive more spam that it otherwise would...

This is because when we receive incoming mail at mail.mydomain.com - it comes from two sources:

1. Directly from the SMTP server of the original server
2. Or relayed from the SMTP server of mail.companyx.com, assumably because my primary mail server was not available for some period of time.

When #2 is the case, the i.p. address that SpamFilter sees is a i.p. from companyx.com – not from the original sender.  I believe that messages relayed through the backup mail server cripple my ability to effectively scrutinize the messages with several of SpamFilter's important tools:  MAPS lists, i.p. blacklist, Honeypot i.p.s, SPF filtering, and the i.p. blacklist cache.

While my primary mail server runs nearly 100% of every day, most of the spam that my domain receives is through companyx's smtp servers that relay messages to my domain.

Does anyone have any suggestions?  I would love to have a way to scrutinize messages that are relayed by the backup mail server.
 

Thanks so much!

sgeorge,

As an ISP, we MUST have a (several) backup server.  BUT, we own all our servers so we install SF on the secondary with a replicated rule set.  Otherwise, any IP based or MAPS based blocking will not work since the primary server allows everything from the secondary.

Having said that, we employ 3 servers for our mail.  Server 1 is the SpamFilter, Server 2 is a relay server that the clients connect to to mail out and SpamFilter relays through that and the 3rd is our Sendmail server which has the boxes on it and is tasked with the final delivery (outbound) of all NON-NDR traffic.  So ... both our primary and secondary SpamFilter send to our relay server and both filter the inbound mail while the relay server filters nothing (except virus checking).