[Mimedefang] Distributed access lists
campbell at cnpapers.com
Sat Jun 24 19:27:05 EDT 2006
Quoting Kenneth Porter <shiva at sewingwitch.com>:
> --On Saturday, June 24, 2006 1:01 PM +0900 alan premselaar
> <alien at 12inch.com> wrote:
> >>> You could deliver the primary's access database to the secondary
> >>> somehow (via scp/rsync, ftp, etc. like in every 5 minutes or so, or
> >>> just when your primary access database gets updated, e.g. when you add
> >>> a new mailbox) and merge both access files before building the
> >>> access.db. Thus the secondary MX will always have all the information
> >>> needed to reject mail coming to non-existing recipients for both of
> >>> your domains.
> >> My paragraph above sort of explains why this won't work, since my access
> >> file doesn't contain much. I'll look and see what it has, though, and
> >> maybe I can do something with it.
> > Distributed access lists, while providing an independant means of
> > rejecting unknown users even if the primary MX is unavailable, is more
> > of an administrative burden.
> Why not put the access list in DNS, which is also distributed? Dynamic
> updates allow multiple servers to maintain it, and local caching should
> keep it reasonably fast.
Not sure what this is. What type of records would this be placed under? Can you
give me an example, or is this ACL type stuff?
Thanks for the idea.
> NOTE: If there is a disclaimer or other legal boilerplate in the above
> message, it is NULL AND VOID. You may ignore it.
> Visit http://www.mimedefang.org and http://www.roaringpenguin.com
> MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
This mail sent through IMP: http://horde.org/imp/
More information about the MIMEDefang