All,

Finally after two years of moving my website and email accounts from server to server I got a stable server that is pretty powerful. I think the most frustrating thing for me during those two years was not having a backup MX server. If my primary failed, then people would either have mail bounced or delivered much later.

I was thinking of setting up an open relay for anyone to use. Basically what I would do is set a limit of maybe 100 emails per day per domain. This would ensure that it's only being used for personal use and not professional use.

Obviously putting an open relay on the internet is a pretty bad idea because of all the spam that goes around. As much as I am sure you all want Viagra, Cialis to augment your body parts, I am guessing you don't want that in your email.

This is what I thought of doing, when a mail is recieved by the server for an unknown domain, I would do a DNS lookup and if my server appears in the MX records of the domain, it would queue and deliver the mail when the primary server became available.

I figure if a user can compromise the DNS of a particular domain, they probably will do something other than using my machine as a spam relay.

I have given this some thought and figure it would work pretty well.

What does everyone else think? Is this secure enough of a way to be an open email relay? Is there enough legitimate users out there would be prepared to use the service for free?

Lastly, if this method works is there any software that has been written that would do the above mentioned tasks, or would I have to build a plugin for my postfix installation?

What do you think?

David

Open relay.. sure it'll be on the black lists so fast that I probably won't receive anything from it.

Backup mx server ? I used to have my ISP providing one of those.. but you know what ? it was more of a back door for spam than a useful item. since I wasn't hosting the backup system it had no checks in place and would accept mail from anyone anywhere to anyuser@mydomainc.com, then forward all that crap to my main mail server when it came back up which had the secondary mx whitelisted..

Spammers love secondary MX's because they KNOW this happens to people, They intentionally will send their spam to the secondary MX instead of the primary. For some reason SBC did this too, we spent some time trying to figure out why all emails from SBC were delayed a couple hours.. turns out it was a misconfiguration on their side to send to secondary MX first.. not too bright imho

I have spoken with several other mail admins that had this same problem. the resolution ? Dump the secondary MX and allow the mail system to handle outages the way it was designed. If you can't reach destination, wait, retry, if delay is too long (typically a couple days) bounce email.

My users recieve considerably LESS spam now that everything that comes in is filtered, blacklisted, rDNS queried, etc.. etc.. etc.. It's nice to be spam free again.


I'd advise against the secondary mx unless you can implement it properly (user lookup and filtering) and the Open relay idea is even worse imho. If you are going to do it, please email me the IP of your servr so I can put it directly into my local blacklist before you start..

Thanks.

Ok.

Forget it.

You know, I have had my domain for two and a half years. I have never run *any* spam protection of any type and I have yet to recieve any spam...

I suppose I don't look at spam like everyone else. Spam for me is something that is "out there" and may one day come to me. But not as of yet...

David