Date: Mon, 30 Jul 2001 11:34:00 +0200 From: Len Conrad <LConrad@Go2France.com> To: freebsd-isp@freebsd.org Subject: Re: FreeBSD Mail Toaster CLUSTER Message-ID: <5.1.0.14.0.20010730112611.0366fdd0@mail.Go2France.com> In-Reply-To: <5.1.0.14.0.20010730111125.00aede60@postoffice.riic.at> References: <20010731041418.A26709@plug.cx> <20010730083553.89918.qmail@web20101.mail.yahoo.com> <996207686.1405.14.camel@percible.alfred.cx> <20010730083553.89918.qmail@web20101.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>Or, using round robin dns ... if itīs good enough MX load distribution for these people... ; <<>> DiG 8.3 <<>> aol.com mx ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 15 ;; QUERY SECTION: ;; aol.com, type = MX, class = IN ;; ANSWER SECTION: aol.com. 1H IN MX 15 mailin-03.mx.aol.com. aol.com. 1H IN MX 15 mailin-04.mx.aol.com. aol.com. 1H IN MX 15 mailin-01.mx.aol.com. aol.com. 1H IN MX 15 mailin-02.mx.aol.com. >But what do you do if you nfs/raid server fails? or the local network >between raid/nfs server and mx1 and mx2? or if the mailbox servers, connected directly to internet gets DoS'ed with mailbombs, harvesting, relay attacks, spoofed From: headers, etc, etc? The priorites are screwy when the mailbox server failover is addressed while leaving the mailbox servers exposed as MX hosts. The mailbox servers should be behind a separate, out-front rank of MX hosts as defensive relay hubs (and as outbound gateways). Len http://MenAndMice.com/DNS-training http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20010730112611.0366fdd0>