> i usually have my backup MX accept everything and then don't treat > them specially on the primary. thus, policy is still enforced on the > primary, but there is a proper backup path *under my control* should > the primary be unreachable for whatever reason.
With this approach you can't bounce RBLed messages at SMTP connect time though, right? (I realize that RBLs are semi-controversial, especially at the ISP level.) We recently dropped our secondary MX as it was just being abused to get spam past the RBLs on our primary. (I.e. _no_ valid mails were being delivered through the secondary MX.) The secondary MX was not under my direct control which complicated matters a little as then I could not even attempt to make the policy the same on the secondary as it was in the primary. Thanks, Dale -- Dale E. Martin - [EMAIL PROTECTED] http://the-martins.org/~dmartin pgp key available
signature.asc
Description: Digital signature