On 9/3/07, David Robb
On Mon, 3 Sep 2007, Bojan Zdrnja wrote:
Sure, they are networks, but they both have MTAs. If your MTA in network [A] is your primary (and let's hope it's properly configured to reject e-mails for non existent users immediately) and the one in [B] has no idea about your users but knows that it has to accept everything for [A]'s domain then you have a problem I mentioned before.
Since you're the one who added this extra aspect into the mix, and Joe's rightly pointed out that perhaps people should care about things other than how he runs his mail servers, you're making an awful lot of assumptions and accusations.
Lol - I'm not accusing anyone ... What I said:
Please tell us that both [A] and [B] know all your users and domains (in other words: they reject e-mails for non existent users during the SMTP session).
And Joe said:
[A] and [B] are networks, not mail servers.
I just wanted to point out that mistake number 1 people do (and that's all I wrote in my first post - go back and check) is that they just configure the MTA at [B] to be a secondary MX and then that results in loads of NDRs.
The benefit of having [B] as you described it is *only* if the network between [A] and [B] is private (otherwise it should be routable so [C] should be able to get to [A] over [B]).
Unless there are network issues, routing policies etc preventing this. Which is well, most of the point of backup MXs.
Fair enough. For most organizations though, if they have network issues with their main link they can afford to wait couple of hours for e-mails ...
If this is the case, you can still have both of them as 1 MX record so you try to split the load between them. As I said, if MTA in [B] is secondary, you'll almost certainly see *higher* spam load on it than on [A].
So?
No problem if you design everything correctly. Bojan