Re: Multiple mail servers for a single domain?


 



We provide secondary DNS and mail spooling for our customers with managed services. We let them know when
they have a problem; believe it or not, I call people and they don't even realize that their server is broken.


The first problem with acting as a secondary mail spool for someone is bandwidth usage. Even if the real mail server
is running, spamming software often uses the MX of last resort to send the spam. By sending the spam to the MX
of last resort, a lot more spam gets through because mail is always accepted from that machine by the real mail
server.


The second problem is when the person with the real mail server configures their machine with a "tar pit". A
"tar pit" is when you drop the connection to the machine sending the spam without any response, so that the machine
sits and waits for a response, eventually timing out. This wastes resources on the secondary spool because it cannot
deliver the messages it has queued, and is made to wait for every attempt. The undeliverable messages then build up
on the secondary spool, taking up space and resources until they expire {usually after ~ 5 days}. In the meantime the
secondary spool sends messages to the sender {who usually doesn't exist because it's faked in the spam} after 4 hours
to let them know the message is delayed temporarily. So now the server must cache the undeliverable response as well.
As you can see, this can balloon into a problem where you could run out of resources.


I am not suggesting that you should not act as secondary spool for someone else; just make sure you are ready for
what can happen.


On a secondary spool I had set up a while ago, I created a multilevel spool that moved messages that were not destined for
ETRN delivery from the primary spool to a secondary spool that was checked less frequently after 4 hours. After one day the
messages were moved to a third spool which was checked even less frequently. After two days the message was moved to a final
spool that was checked every 4 hours until expiry. This greatly reduced the required resources on that server. I had MRTG
monitoring the number of messages in each spool and sent a warning when too many messages were in any of the spools.


We are in the process of building a terabyte-sized mail system, and I plan to set up a multilevel queue and other automated
systems to maintain and monitor the queues and send warnings when things are going awry.



Good luck


Rodolfo J. Paiz wrote:

At 06:05 8/23/2003, you wrote:

Just by way of commentary -- I'll have to find a backup mail server some
day -- perhaps with a friend living far away who keeps a machine on
24X7. I wonder how many businesses and individuals went without backup
mail service when the power went out in New York.


I always suggest that a responsible entity (whether company, home, whatever) who wants to set up its own Internet servers secure a secondary. I swap secondary mail and DNS services with a friend in Europe (I'm in Guatemala), which makes it extremely unlikely that both our servers, power lines, and network backbones will be down simultaneously.



-- Guy Fraser Network Administrator The Internet Centre 780-450-6787 , 1-888-450-6787

There is a fine line between genius and lunacy, fear not, walk the
line with pride. Not all things will end up as you wanted, but you
will certainly discover things the meek and timid will miss out on.
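
The multilevel spool described in the message above can be sketched as one maintenance pass over the queue. This is an added example, not part of the original post and not the poster's code; the spool names, the `Msg` record, the warning limits and the exact 5-day expiry are assumptions made for illustration.

```python
from collections import Counter
from dataclasses import dataclass

HOUR, DAY = 3600, 24 * 3600
# Age boundaries from the post: 4 hours, one day, two days (spool names are hypothetical).
TIERS = [(0, "primary"), (4 * HOUR, "secondary"), (DAY, "third"), (2 * DAY, "final")]
EXPIRY = 5 * DAY  # the post says "~5 days"; treated as exact here (assumption)
WARN_AT = {"primary": 500, "secondary": 200, "third": 100, "final": 50}  # assumed limits

@dataclass
class Msg:
    qid: str
    queued_at: int      # epoch seconds when first queued
    spool: str          # spool the message currently sits in
    etrn: bool = False  # held for ETRN delivery, so never demoted

def tier_for(msg, now):
    """Return the spool a message belongs in, or None once it has expired."""
    age = max(now - msg.queued_at, 0)  # tolerate clock skew
    if age >= EXPIRY:
        return None
    if msg.etrn:
        return "primary"
    return [name for floor, name in TIERS if age >= floor][-1]

def plan(queue, now):
    """One maintenance pass: (moves, expired ids, per-spool warnings)."""
    moves, expired, counts = [], [], Counter()
    for msg in queue:
        target = tier_for(msg, now)
        if target is None:
            expired.append(msg.qid)
            continue
        if target != msg.spool:
            moves.append((msg.qid, msg.spool, target))
        counts[target] += 1
    warnings = [f"{s}: {n} queued (limit {WARN_AT[s]})"
                for s, n in counts.items() if n > WARN_AT[s]]
    return moves, expired, warnings

NOW = 1_000_000  # arbitrary epoch for the constructed sample below
SAMPLE = [       # constructed sample queue, not real data
    Msg("a1", NOW - 1 * HOUR, "primary"),
    Msg("b2", NOW - 6 * HOUR, "primary"),
    Msg("c3", NOW - 30 * HOUR, "secondary"),
    Msg("d4", NOW - 3 * DAY, "third"),
    Msg("e5", NOW - 3 * DAY, "primary", etrn=True),
    Msg("f6", NOW - 6 * DAY, "final"),
]
```

Calling `plan(SAMPLE, NOW)` demotes the three aged messages one spool each, leaves the ETRN message in the primary spool, and reports the six-day-old message as expired.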




-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
