[Mimedefang] Distributed access lists
Kenneth Porter
shiva at sewingwitch.com
Sat Jun 24 16:24:39 EDT 2006
--On Saturday, June 24, 2006 1:01 PM +0900 alan premselaar
<alien at 12inch.com> wrote:
>>> You could deliver the primary's access database to the secondary
>>> somehow (via scp/rsync, ftp, etc. like in every 5 minutes or so, or
>>> just when your primary access database gets updated, e.g. when you add
>>> a new mailbox) and merge both access files before building the
>>> access.db. Thus the secondary MX will always have all the information
>>> needed to reject mail coming to non-existing recipients for both of
>>> your domains.
>>
>> My paragraph above sort of explains why this won't work, since my access
>> file doesn't contain much. I'll look and see what it has, though, and
>> maybe I can do something with it.
>
> Distributed access lists, while providing an independant means of
> rejecting unknown users even if the primary MX is unavailable, is more
> of an administrative burden.
Why not put the access list in DNS, which is also distributed? Dynamic
updates allow multiple servers to maintain it, and local caching should
keep it reasonably fast.
More information about the MIMEDefang
mailing list