As sort-of expected, the last chapter of Run Your Own Mail Server is getting split into tech detritus and social detritus. I’ll probably split this into two chapters.
Spambots all choose shortcuts. Postscreen catches many of them. Greylisting plays against others. A popular shortcut many spambots choose is to ignore backup MX records. These spambots attempt to contact the target’s primary MX, but if that fails they proceed to the next victim.
Remember, the SMTP protocol comes from an age when “high availability” meant buying expensive machines and “virtualization” meant hosting more than one domain on a machine. When hardware failed, it might remain offline for several days before the thirty-ton replacement got shipped in on an 18-wheel tractor-trailer from a couple states away. Legitimate mail servers had to communicate with the backup MX.
If most spammers ignore the backup MX, but legitimate senders respect it… what if you turn off the MTA listed in your primary MX?
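The fallback behaviour this idea depends on, as an added example that is not from the book: a small Python model of a sender that walks the MX list in preference order, a sender that tries only the primary, and a sanity check for a dead-primary MX layout. The host names, preference values and the set of listening hosts are constructed, and one delivery pass stands in for a real MTA's retry queue.

```python
# Added illustration. MX records are (preference, host) pairs; "listening"
# is the set of hosts that accept connections on port 25. All values below
# are constructed sample data.

def rfc_sender(mx_records, listening):
    """Try MX hosts in ascending preference order (RFC 5321 behaviour).
    Returns the host that accepted the connection, or None."""
    for _pref, host in sorted(mx_records):
        if host in listening:
            return host
    return None

def primary_only_sender(mx_records, listening):
    """Shortcut sender: try the lowest-preference MX, then give up."""
    _pref, host = min(mx_records)
    return host if host in listening else None

def check_dead_primary(mx_records, listening):
    """Return a list of problems with a dead-primary MX layout."""
    ordered = sorted(mx_records)
    if len(ordered) < 2:
        return ["need at least two MX records"]
    problems = []
    if ordered[0][1] in listening:
        problems.append("primary MX accepts mail; shortcut senders get through")
    if ordered[0][0] == ordered[1][0]:
        # Equal preference means senders pick between the hosts at random.
        problems.append("primary shares its preference with another MX")
    if not any(host in listening for _pref, host in ordered[1:]):
        problems.append("no backup MX is listening; legitimate mail is lost")
    return problems

# Constructed layout: mx1 is published as primary but runs no MTA.
MX = [(20, "mx2.example.com"), (10, "mx1.example.com")]
LISTENING = {"mx2.example.com"}

if __name__ == "__main__":
    print("RFC sender delivered to:", rfc_sender(MX, LISTENING))
    print("primary-only sender delivered to:", primary_only_sender(MX, LISTENING))
    print("layout problems:", check_dead_primary(MX, LISTENING) or "none")
```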
I might even finish this book tomorrow.