Received: from localhost (unknown [200.46.204.184])
	by postgresql.org (Postfix) with ESMTP id DF1069FB6E7
	for <pgsql-www-postgresql.org@postgresql.org>;
	Tue, 16 Oct 2007 12:23:12 -0300 (ADT)
Received: from postgresql.org ([200.46.204.71])
	by localhost (mx1.hub.org [200.46.204.184]) (amavisd-maia, port 10024)
	with ESMTP id 52578-08 for <pgsql-www-postgresql.org@postgresql.org>;
	Tue, 16 Oct 2007 12:23:04 -0300 (ADT)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.5
Received: from main2.mycybernet.net (main2.mycybernet.net [209.222.63.140])
	by postgresql.org (Postfix) with ESMTP id 105A19FB579
	for <pgsql-www@postgresql.org>; Tue, 16 Oct 2007 12:23:05 -0300 (ADT)
Received: from 227-54-222-209.mycybernet.net ([209.222.54.227]
	helo=crankycanuck.ca) by main2.mycybernet.net with esmtp (Exim 4.62)
	(envelope-from <ajs@crankycanuck.ca>) id 1IhoFy-00047M-9Z
	for pgsql-www@postgresql.org; Tue, 16 Oct 2007 11:22:54 -0400
Received: by crankycanuck.ca (Postfix, from userid 1000)
	id DFEDD3FAF; Tue, 16 Oct 2007 11:22:46 -0400 (EDT)
Date: Tue, 16 Oct 2007 11:22:46 -0400
From: Andrew Sullivan <ajs@crankycanuck.ca>
To: pgsql-www@postgresql.org
Subject: Re: Mail setup broken (still/again?)
Message-ID: <20071016152246.GM3255@crankycanuck.ca>
References: <20071016085209.GD22159@svr2.hagander.net>
	<20071016140750.GF3255@crankycanuck.ca>
	<20071016150248.GJ22159@svr2.hagander.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20071016150248.GJ22159@svr2.hagander.net>
User-Agent: Mutt/1.5.9i
X-Virus-Scanned: Maia Mailguard 1.0.1
X-Archive-Number: 200710/103
X-Sequence-Number: 12690

On Tue, Oct 16, 2007 at 05:02:48PM +0200, Magnus Hagander wrote:
> 
> Sure, but does it help us in any way at all? Why do we care where the mail
> is queued up, reall?

We can't control the policies on all those servers, and some of them
may not queue as long as we like.  Also, it's polite to have more
than one mail server, and not force others to queue mail when you
have an outage.  This is part of the reason one has more than one MX
possible, after all.

> If we reject it on the secondary MX, we'll be creating a whole bunch of
> bounces for invalid addresses that spammers sent to. If our secondary MX
> can just drop them, that never happens since they get a reject at the SMTP
> protocol level.

You mustn't _ever_ "just drop them".  Yes, I know people are doing
that instead of bouncing, but it's wrong, bad, evil, and completely
in contradiction of the totally plain MUSTs in the relevant RFCs.  

I think you meant refuse, though, which is a different matter.  It's
not actually hard to rsync the user map among the various servers
using postfix (I do it myself), so that seems to me to be an
alternative, yes.  And that can be done with multiple user lists.

There is another thing we could do, BTW, to try to reduce the
spam-induced bounces, and still have multiple servers in place.  What
you do is add an MX with priority 0 that always gives a soft error. 
Most spambots won't try the next MX, so your "real" MX (with, say,
priority 1) doesn't get the spam attempt.

A
-- 
Andrew Sullivan  | ajs@crankycanuck.ca
Never get involved in litigation. Your hair will fall out, your bones 
will turn to sand.  And it will still be going on.
		--Tom Waits