Thanks for the advice. I put my thinking cap on and came up with a solution that will work for me (I think). It's complicated, but it should solve the problem.
I use an external company (dnsmadeeasy.com) for my DNS. Why? Because they offer DNS-based fail-over that I can't do myself for anywhere near the dirt cheap rate that they charge. I have two circuits into each server and use an Astrocomm PowerLink for outbound load balancing and fail-over, but had no way to do inbound fail-over. The folks at dnsmadeeasy.com allow me to put multiple IP addresses per "A" record so that if the primary circuit is down they will stop resolving to it and switch to the secondary circuit (takes one minute).

So here's what I had before:

    example.com. MX 10 mail.example.com.
    example.com MX 20 backup.example.com
    mail A (primary circuit IP, and then secondary circuit IP for fail-over)
    backup A (primary circuit IP, and then secondary circuit IP for fail-over)

Here's what I've done. I renamed the "backup" machine as "mail". Now I have two machines that reply with the same SMTP name. I changed the DNS as follows:

    example.com. MX 10 mail.example.com.
    mail A (primary circuit IP, and then secondary circuit IP, then previous backup machine primary circuit IP, previous backup secondary circuit IP)

What does this do? I'm in technical violation by only having one MX record per domain, but in reality there are four routes to two different servers for that one MX record so I really do have backup. It will be impossible to get to the old backup machine via DNS unless the primary machine is completely down (doesn't answer on both primary and secondary IPs). Once this happens the DNS will automatically resolve to the old backup machine's IP and it will answer with the correct mail server name "mail.example.com".

The only way that they can get to the backup spooler is if they do a port scan and see port 25 open on it. They can't get it via DNS if things are working properly on the main mail machine.

Complicated, yes, but I think it will force 100% of the traffic thru my IMail box unless it's down. Whew..
-Joe

----- Original Message -----
From: "Grant Griffith - IMail" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 04, 2004 10:31 AM
Subject: RE: [IMail Forum] Any solution for this?

I had this same issue and Sandy recommended buying Vamsoft's ORF (http://www.vamsoft.com/orf/) to stop the bad addresses from making it past the SMTP envelope. It is only $99 and works very well. We don't get hit with as many as you are, but it at least stops them from being delivered to the secondary server. They are bounced back as undeliverable.

I currently see where this week only 4% of the messages being sent to the backup MS are being accepted. Therefore it cuts a lot of the junk. I wish it had a weighting system like Declude does, but it is a fail one test and bounce situation. I am OK with this right now as our main mail server is very rarely down. I am hopeful that if our main mail server does go down all the messages will be accepted as good messages.

Sincerely,
Grant Griffith
EI8HT LEGS Enhanced Web Management
http://www.getafreewebsite.com
877-483-3393

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Joe Wolf
Sent: Friday, June 04, 2004 10:24 AM
To: [EMAIL PROTECTED]
Subject: [IMail Forum] Any solution for this?

My main IMail server is very secure and I have no problems with it. I use the SMTP feature of IIS6 on a different server as my "store and forward" mail server in the event my IMail box is down. This is where the problem is!

All the spammers run their dictionary attacks on my secondary "store and forward" server. This server accepts all mail as long as it's to a valid domain. So this means that the server will accept ALL of those messages from a dictionary attack as if it were running a nobody alias. It's not an open relay. The store and forward server then tries to deliver those messages to my main IMail box, and this is where IMail weeds out all the invalid messages.
My store and forward server is getting hit with about 500 messages a minute. Only about 2% of those messages are valid. The bandwidth this uses really pisses me off.

Are the spammers intentionally looking for lower priority MX records? Is there any way to eliminate this problem (maybe I've overlooked something in the setup)?

Any suggestions would be appreciated... I'm sure others have this same problem!

Thanks,
Joe

To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
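
Added example, not part of the original thread and not Vamsoft ORF, IMail or IIS code: a Python sketch of the recipient check at the SMTP envelope that the thread describes, so a store-and-forward MX rejects unknown mailboxes at RCPT TO instead of queuing them, plus a per-client tally that flags dictionary-attack sources. The mailbox list, domain, thresholds and RCPT events are constructed assumptions.

```python
from collections import Counter

# Constructed sample data: the domain the backup MX relays for, and a mailbox
# list it is assumed to receive as an export from the primary server.
LOCAL_DOMAINS = {"example.com"}
VALID_RECIPIENTS = {"joe@example.com", "sales@example.com"}

def rcpt_decision(rcpt, valid=VALID_RECIPIENTS, domains=LOCAL_DOMAINS):
    """Return the (code, text) reply a backup MX should give to RCPT TO."""
    addr = rcpt.strip().strip("<>").lower()
    local, sep, domain = addr.rpartition("@")
    if not sep or not local:
        return 501, "Bad recipient address syntax"
    if domain not in domains:
        return 550, "Relaying denied"        # not an open relay
    if addr not in valid:
        return 550, "No such user here"      # rejected before DATA is sent
    return 250, "OK"

def dictionary_attack_sources(events, min_attempts=5, max_valid_ratio=0.2):
    """Flag client IPs whose RCPT attempts are mostly unknown users."""
    total, accepted = Counter(), Counter()
    for ip, rcpt in events:
        total[ip] += 1
        if rcpt_decision(rcpt)[0] == 250:
            accepted[ip] += 1
    return sorted(ip for ip, n in total.items()
                  if n >= min_attempts and accepted[ip] / n <= max_valid_ratio)

# Constructed RCPT TO events (client IP, recipient); IPs are documentation ranges.
SAMPLE_EVENTS = (
    [("192.0.2.10", f"<{name}@example.com>") for name in
     ("aaron", "abby", "adam", "admin1", "al", "alan", "joe")]
    + [("198.51.100.7", "<joe@example.com>"),
       ("198.51.100.7", "<Sales@Example.com>"),
       ("203.0.113.5", "<someone@elsewhere.test>")]
)

if __name__ == "__main__":
    for ip, rcpt in SAMPLE_EVENTS:
        print(ip, rcpt, *rcpt_decision(rcpt))
    print("dictionary-attack sources:", dictionary_attack_sources(SAMPLE_EVENTS))
```

Rejecting at RCPT TO means the message body is never transferred, which is where the bandwidth saving comes from; the mailbox list on the backup has to be kept in sync with the primary or valid mail will be refused during an outage.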
