Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Using Kerio as store and forward (Use a second server to receive and filter spam, then forward)
  •  
rmuncy

Messages: 9
Karma: 0
Send a private message to this user
Hello all, My mail server seems to be struggling lately with all the spam. 70% of all incoming is now spam. I was wondering if I put another kerio in front (higher priority MX record) with no user accounts just forward all to the secondary which would conatin all my user accounts.....would the first one be able to process the spam before it forwarded??

Russ
  •  
TorW

Messages: 769
Karma: 9
Send a private message to this user
That would sort of work if you don't make any accounts (just domains) in the "outer" Kerio and tell it to forward anything that isn't found locally. However, in that case you will likely start emitting great amounts of backscatter once the spammers start guessing addresses. I.e. you would start doing "accept-then-bounce" (accepting mail in the outer Kerio and bouncing it in the inner) which is ... well ... frowned upon.

On top of that, you will likely find that the spammers target the lower pri MX anyway.

How many accounts do you have?
  •  
rmuncy

Messages: 9
Karma: 0
Send a private message to this user
Have about 600 accounts.
Yep, I realized the spammers would hit the lower priorty. Ran into that when I was trying to use a "free" backup MX server.

Not sure I understand what you mean by "backscatter". Can you elaborate?

As another option, couldn't I just remove the MX record for my main server and force all traffic through the other for "processing"??

Thanks for the response.

Russ
  •  
hbianchi

Messages: 121
Karma: 8
Send a private message to this user
I tried this ocnfiguratrion for a while and indeed it works. I have one server with the accounts, but without MX record (this is very important to avoid spammenrs to directly point the inner server, and I have two more server doing just as smtp-antispam-antivirus servers. The outer servers were specialized, one for receive (both have MX record) and one to send. All antispam definitions, denial lists, est. etc. were on those two servers. The problem is that:

- It was not clear if you need additional "server licences" just to do so.
- there was nothing to reject in the outer servers, the mails to "unknown usersd".

I requested Kerio several times, to have the possibility of "sync" those kind of servers: one having the users and other/s doing as smtp-antispam-antivirus and making them to work efficiently togheter. New Kerio COnnect has some kind of approach to this, but you still have to pay the licence so:

Best thing is to work with such kind od device but not using Kerio. You can use just a Linux server with the sendmail, spamassesin and clamd (Clamav antivirus) installed and configured and this will work fine. You have still to define users by hand but with kerio you have to do the same, and pay for the additional licence.
  •  
rmuncy

Messages: 9
Karma: 0
Send a private message to this user
Thanks for the good input, everybody. I have gotten some great advice.
Cheers.
  •  
TorW

Messages: 769
Karma: 9
Send a private message to this user
rmuncy: backscatter is when a mail server bounces mail to an innocent third party. In your scenario, that would happen when the "inner" Kerio server receives mail with a fake From address to an unknown local recipient.

I'm sure most admins here have been asked "why am I getting that error message? I didn't send anything!" Wink
  •  
freakinvibe

Messages: 1552
Karma: 62
Send a private message to this user
Quote:
My mail server seems to be struggling lately with all the spam.

Have you switched on Spam repellent and Blacklists? These can block the majority of Spam before its content hits the mail server. Especially the Spamhaus ZEN Blacklist eliminates a lot of Spam (you have to set it to "Block" to reduce the load on your KMS server).

Dexion AG - The Blackberry Specialists in Switzerland
https://dexionag.ch
Previous Topic: want to block all mail from .info
Next Topic: SMTP Delay (Apply ?)
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 05:43:14 CET 2017

Total time taken to generate the page: 0.00401 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.