Seconday MX: msgs queuing at Roller/ main server not down

Need help? Ask here.

Moderator: Moderators

Post Reply
tathwell
Posts: 4
Joined: Fri Jun 02, 2006 8:47 am

Seconday MX: msgs queuing at Roller/ main server not down

Post by tathwell » Fri Jun 02, 2006 8:57 am

Hello,
I am a new customer of Rollernet using the Secondary MX service... I believe we have everything configured and it appears to be working correctly...

However, I periodically login to check the status of the logs, and I keep noticing a significant amount of messages passing through Rollernet.

The reason this is odd is because our mailserver is not down... we are monitoring our local mailserver as well and mail seems to be flowing normally.

I read somewhere that spammers may try to send mail to every MX record... but this is not the case for every log entry (there are plenty of legitimate messages passing through Roller that I see...)

We currently have our mailserver set for MX 10 and the Roller servers set both to MX 20 preference.

Any clues here?
Thanks.
::Kevin

tathwell
Posts: 4
Joined: Fri Jun 02, 2006 8:47 am

Post by tathwell » Fri Jun 02, 2006 9:01 am

As a followup... I should point out that we have greylisting turned on at our local mailserver...

I just noticed that my forum registration email came through, was greylisted, and then landed in the Rollernet queue. Then, it was resent and passed thru as we have Rollernet whitelisted.

This introduces more questions...

#1) doesn't this defeat the purpose of greylisting if mailers automatically try the secondary MX upon deferral from the first,

and

#2) what is the proper way to configure greylisting in this scenario?

Thanks for your help.
::Kevin

tathwell
Posts: 4
Joined: Fri Jun 02, 2006 8:47 am

Post by tathwell » Fri Jun 02, 2006 9:19 am

Ok, I'm still thinking about this... trying to piece it together in my mind... sorry to keep replying to my own questions...

So in my head, I've justified the greylisting setup as follows... please confirm if this is correct thinking:

--------------------------------------------------------------------------------------------
1) we have greylisting enabled on our primary mailserver
2) we have grelisting enabled at Rollernet, the secondary MX
3) we have Rollernet whitelisted in our primary greylist filter

When new contacts send mail to us, it first stops at our primary server and is immediately deferred due to greylisting.

Then the sender (may) attempt at the backup MX, Rollernet. Because greylisting is also on here, and because Rollernet also sees this as a new contact, they are once again deferred.

Hopefully legitimate senders will retry a third time direct to our main server, which would then allow them after passing the greylist test (ours is set to 5 mins).

I shouldn't have to worry about whitelisting Rollernet's servers because anything that makes it through your queue should have already satisfied the greylist test on your end... this situation could occur if the sender tries the secondary MX on its re-attempt rather than the primary MX.
-------------------------------------------------------------------------------------------------

Based on this logic (if correct)... it means that it would be normal to see a lot of deferred (ie, greylisted) entries in the Rollernet logs on a daily basis. These are caused from senders trying the backup MX after our greylisting deferral at the primary server.

Thanks.
::Kevin

RollerNetSupport
Site Admin
Posts: 850
Joined: Wed Nov 17, 2004 10:05 pm
Location: Nevada
Contact:

Post by RollerNetSupport » Mon Jun 05, 2006 12:32 pm

Legitimate mail servers will always go up the MX priority list if they get a temporary error (i.e. greylisting defer, 4xx error) or can't connect to a server at a lower priority. This is pretty much normal behavior. They only stop traversing the MX list if the message is permanently rejected (5xx error) or the message is accepted by any of the MX hosts. We suggest whitelisting our mail servers in your greylisting config only because it can delay messages due to possible double greylisting.

Spammers may try only the secondary and never the primary, since many secondary mail servers don't have a large amount of filtering (if any) on them, so the chances of spam getting through a secondary is higher. The only major thing our servers are missing as far as filtering goes is content filtering; we're working on adding Spamassassin support to the service to fill this final gap.
Technical Support support@rollernet.us
Roller Network LLC

tathwell
Posts: 4
Joined: Fri Jun 02, 2006 8:47 am

Post by tathwell » Mon Jun 05, 2006 1:02 pm

Great. Thank you for clarifying this. So far the service is working great.
::Kevin

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest