...on Fri, Mar 18, 2005 at 08:52:23AM -0500, Yang Xiao wrote: > On Fri, 18 Mar 2005 13:48:46 +0000, Duncan Hill <[EMAIL PROTECTED]> wrote: > > In a large number of cases, the secondary MX is not configured to know the > > list of valid users etc, and may be configured to pass directly to the > > internal mail server, bypassing protections on the primary relay. > hm...I'd be interested to know what's the percentage is like for this > kind of settings just to feed my curiousity, because it totally > doesn't make sense to me , it's like settings up a secondary firewall > with no blocking rules, what good is it?
It shurely doesn't make sense if the secondary MX is under your control, but there are many setups where the ISP or someone else runs a backup MX for his customer's domains as a service. With this configuration, the secondary MX will usually not know about valid users in the destination domain. Therefore it makes sense for the spammers to deliver mail to the secondary MX, as they can always claim that 100% of the mails have been successfully delivered. Alex.
