On Wednesday, November 20, 2002, at 12:15 PM, Steve Werby wrote:
"Dan Kriwitsky" <list1@xxxxxxxxxxxxxxxxxxxx> wrote:If you have two separate DNS servers, I wouldn't worry too much. Any RFC compliant server should just queue the mail for 4 or 5 days until your email server is back up.While I'd have to agree with you, there are some caveats so it depends what risk one is willing to take. "Should" and "will" are 2 different concepts,not all mail servers are RFC compliant and though 5 days is the default in some mail servers it's a configurable option in all I've worked with IIRC.
Here's another wrinkle which won't apply to everyone. Our Qube3 uses a few DNSBLs. Our upstream provider (who also does our DNS) has a secondary MX for our domain, a holdover from the days when we had a 56k frame relay rather than the T1 we have now. On a fairly regular basis, our Qube would bounce incoming mail based on a DNSBL listing. The relay/open proxy in question would retry at our secondary MX, which is using >different< block list(s), and the spam would get relayed on to us, this time from a "safe" host.
So, observation and a question:Observation: if you use DNSBLs, and can configure that secondary mail service, make sure it's using the same ones, or you've opened a back door for spam.
Question: Given that I can't reasonably ask our upstream to change their block lists - they're an ISP, I'm just answerable to the office here, so I can be much more aggressive - would it be shortsighted of me to have them remove the secondary MX?
pjm