Re: [courier-users] Backup MX, was Courier::Filter rejecting over-zealously
-Original Message- >From: Alessandro Vesely [mailto:ves...@tana.it] >Sent: Friday, September 24, 2010 2:40 AM >> In my experience, enterprises of size actually operate dedicated boundary >> servers as their MX platforms, and final delivery is handled by an entirely >> different set of servers often totally invisible to the outside user. >While that's correct, those invisible servers are not _primary_ MXes >on the public Internet. So, it is still unanswered why large >enterprises may want to operate _secondary_ MXes, i.e. MXes with a >higher preference number. Ummm... the "invisible servers" are not actually any kind of MX on the public Internet, primary or otherwise. There is a certain amount of confusion in this area because a lot of the mindset is structured around the notion that the "primary MX" is final recipient (the MDA), and other MX nodes end up relaying traffic to that "primary". But if you use a purpose designed "boundary server" whose sole job is scanning and filtering, then forwarding the scanned mail to distinct delivery nodes, you may well choose to implement multiple such systems attached to different network providers and/or points-of-presence. In this model, the MX is just another MTA, quite distinct from the MDA and MSA. For example: suppose you have campuses in Los Angeles and New York. Each campus has its own connection to the Internet, but also a private network between the two. Even if you want the bulk of outside traffic, and all mail, to go to LA, it may make sense to have an MX based in NY with a lower priority that routes its traffic to LA over the private network. That way a service outage on the LA campus would not bring down all external mail acceptance. I don't think we're in disagreement with anything, here, other than perhaps the issue created by the fact that "MX server" has been conflated with "delivery server", a fact that should surprise no-one who's seen the separation, over time, of the MTA, MDA and MSA parts of the system. Malc. -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] (no subject)
http://bit.ly/czYgOg -- Nokia and AT&T present the 2010 Calling All Innovators-North America contest Create new apps & games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Backup MX, was Courier::Filter rejecting over-zealously
On 23/Sep/10 01:00, Malcolm Weir wrote: >>From: Ben Kennedy [mailto:b...@zygoat.ca] > >>With respect, I still find this argument somewhat specious. Virtually >>every enterprise of any size on the internet still runs multiple MX >>servers. While I appreciate that having a single point of reception >>means a simpler configuration, it also foregoes some measure of >>redundancy and versatility. Are Google and Apple and IBM and the White >>House out of their minds? I suppose that perhaps Courier is the wrong >>product for any such business, but if so, it seems an unfortunate design >>exclusion. In any case, that's getting off track. > > In my experience, enterprises of size actually operate dedicated boundary > servers as their MX platforms, and final delivery is handled by an entirely > different set of servers often totally invisible to the outside user. While that's correct, those invisible servers are not _primary_ MXes on the public Internet. So, it is still unanswered why large enterprises may want to operate _secondary_ MXes, i.e. MXes with a higher preference number. It is possible to have multiple primary MXes (each one possibly multi-homed). For example, the White House doesn't seem to have secondary MXes: ;; QUESTION SECTION: ;whitehouse.gov.IN MX ;; ANSWER SECTION: whitehouse.gov. 10800 IN MX 105 mail1.eop.gov. whitehouse.gov. 10800 IN MX 105 mail2.eop.gov. whitehouse.gov. 10800 IN MX 105 mail3.eop.gov. whitehouse.gov. 10800 IN MX 105 mail4.eop.gov. (The same is true for ibm.com, but not for apple.com and gmail.com.) I agree that out-of-the-box Courier is the wrong product for a businesses running backup MXes, just like any other standard compliant SMTP server. The reason is that the traditional (non-filtering) design of secondary MXes is broken. This rules out the possibility of outsourcing backup MXes, which would be the most interesting solution for servers confined within a single RIR. -- http://fixforwarding.org/wiki/Backup_MX -- Nokia and AT&T present the 2010 Calling All Innovators-North America contest Create new apps & games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users