Hi Neil, On Mon, 15 Nov 2004 19:22:57 +0000 UTC (11/15/2004, 1:22 PM -0500 UTC my time), Neil White in part wrote: N> I have got postfix running on SuSE 9.1 but have some problems. N> It runs as a backup MX for a sendmail server running on Redhat 9. okay N> I am having a spam related problem, but I dont know where to begin... N> Whenever I enable postfix so that it is accepting external connections, N> spam levels rise. N> Where for example the backup MX runs on a host called mail.my.net N> I am getting spam in the form of subject@mail.my.net. and why not... Since you did not give your real domain, I cannot check your DNS records. However, if you published DNS has both the primary listed and a secondary MX record pointing to "mail.my.net," you will receive spam when you open up postfix or any MTA. Spammers are quite sophisticated, and they will send mail to any MX record, sometimes even bypassing the primary, and going directly to the secondary MX. N> What amazes me is that NOWHERE (to my knowlege) is the hostname N> mail.my.net listed on the net - the solve purpose of this host is (at N> present) backup MX. Cannot help you unless you provide true info. N> So my question is, how are spammers sending mail to domains for which N> this is backup MX and making the senders address appear to have come N> directly from the mail host ? 1. As above, if your secondary MX is published. 2. Your primary Redhat box re-routes mail to the secondary SUSE box which is a subdomain. 3. At some time, you used postfix to send mail from your secondary box, and it showed your email coming from your subdomain e.g. @mail.my.net (SUSE box) instead of rewriting it to @my.net. This was then harvested by spammers as a true address, hence you receive spam. Bottom line, in today's times, you do not need a backup MX, IMO... period. Every modern MTA will keep mail in its sending queue (for the life of the queue, usually a week), and keep retrying if the receiving server is down. -- Gary