[Mimedefang] Distributed access lists

Kenneth Porter shiva at sewingwitch.com
Sat Jun 24 16:24:39 EDT 2006

--On Saturday, June 24, 2006 1:01 PM +0900 alan premselaar 
<alien at 12inch.com> wrote:

>>> You could deliver the primary's access database to the secondary
>>> somehow (via scp/rsync, ftp, etc. like in every 5 minutes or so, or
>>> just when your primary access database gets updated, e.g. when you add
>>> a new mailbox) and merge both access files before building the
>>> access.db. Thus the secondary MX will always have all the information
>>> needed to reject mail coming to non-existing recipients for both of
>>> your domains.
>> My paragraph above sort of explains why this won't work, since my access
>> file doesn't contain much. I'll look and see what it has, though, and
>> maybe I can do something with it.
> Distributed access lists, while providing an independent means of
> rejecting unknown users even if the primary MX is unavailable, are more
> of an administrative burden.

Why not put the access list in DNS, which is also distributed? Dynamic 
updates allow multiple servers to maintain it, and local caching should 
keep it reasonably fast.
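
The merge step from the quoted suggestion above (copy the primary's access file to the secondary, merge, rebuild access.db), as an added example that is not part of the original thread. The function names, the rule that local entries win on duplicate keys, and the file paths are assumptions.

```shell
#!/bin/sh
# Added example: merge a locally maintained sendmail access file with a copy
# fetched from the primary MX, then rebuild the map. All names are hypothetical.

# merge_access LOCAL REMOTE
# Prints merged "key<TAB>value" entries. LOCAL is read first, so a local
# entry wins when the same key is present in both files.
merge_access() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }   # skip blank lines and comments
        NF < 2 { next }                 # skip malformed lines with no value
        {
            key = tolower($1)           # makemap folds keys to lower case unless -f is used
            if (key in seen) next       # keep the first occurrence only
            seen[key] = 1
            val = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", val)   # strip the key, keep the full value
            printf "%s\t%s\n", key, val
        }
    ' "$1" "$2"
}

# rebuild_access LOCAL REMOTE DB_BASE   (e.g. DB_BASE=/etc/mail/access)
# Refuses to build when the fetched copy is missing or empty, so a failed
# transfer cannot silently drop the primary's entries from the map.
rebuild_access() {
    local_src=$1 remote_src=$2 db_base=$3
    if [ ! -s "$remote_src" ]; then
        echo "remote copy missing or empty: $remote_src" >&2
        return 1
    fi
    tmp=$(mktemp) || return 1
    # Build under a temporary name, then rename, so sendmail never reads a
    # half-written map.
    merge_access "$local_src" "$remote_src" > "$tmp" &&
        makemap hash "$db_base.new" < "$tmp" &&
        mv "$db_base.new.db" "$db_base.db"
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

Run rebuild_access from the same job that fetches the primary's file, so a failed fetch leaves the previous access.db in place.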

