Nathanael Hoyle wrote:
>
> I liked Jorey's idea enough to give it a shot. Actually implemented it
> yesterday. I debated about having the 'dead' MX host point at a system
> which dropped the requests but logged them (via iptables or similar),
> not so much to see how much legitimate email made it through (which
> seems to be pretty much all of it so far), but to see how much nasty
> traffic hit the primary 'dead' host that failed to retry on the second.
> For now, I have gone with a somewhat different approach. I actually
> have the primary MX listed as an IP that is a network boundary (and
> therefore flatly unusable),

What do you mean here?

> the advantage I see is that the connect
> attempt will fail notably faster than it would if it had to time out,
> which reduces the burden on legitimate hosts, but is still just as
> undeliverable, keeping the desired effect. I will post with further
> results as I have the opportunity to observe them.
>