I was hoping for some assistance with a problem that I'm having while implementing some anti-spam measures. I'm running the 5.05 network version, Ubuntu 6.06. I've followed the wiki article regarding installing postgrey, and have it working somewhat. I've also searched the forums for a few days while testing, but haven't found a solution, though after racking my brain, I think I've found the root of the issue.
The problem I'm seeing is that when a new, first-time outside account sends my zimbra server an initial message, that user receives the following message.
----- The following addresses had permanent fatal errors -----
(reason: 550 <email@example.com>: Recipient address rejected: dmrcom.com)
Then also get the 450 error stating that the recipient address is rejected and Greylisted.
<<< 450 4.7.1 <firstname.lastname@example.org>: Recipient address rejected: Greylisted for 145 seconds (see Postgrey - Postfix Greylisting Policy Server)
<email@example.com>... Deferred: 450 4.7.1 <firstname.lastname@example.org>: Recipient address rejected: Greylisted for 145 seconds (see Postgrey - Postfix Greylisting Policy Server)
<<< 554 5.5.1 Error: no valid recipients
... while talking to mail.xxxxxx.com.:
<<< 550 <email@example.com>: Recipient address rejected: dmrcom.com
550 5.1.1 <firstname.lastname@example.org>... User unknown
<<< 554 Error: no valid recipients
The issue is that I have a secondary server (mail.xxxxxx.com) that I use for customer relay services only, with an MX record and priority of 20. My production server has an MX record priority of 10 (mail2.xxxxxx.com). What I think is happening is that the initial incoming request gets rejected by the production server with the greylisting message, then the incoming request hits the secondary server which has no accounts on it, hence generating the 550 error.
These are the posts that I followed up to this point:
Improving Anti-spam system - Zimbra :: Wiki
[SOLVED] I don't think RBLs or Bayes are working for me
[SOLVED] Frequently getting 450...address verification in progress
Does anyone have any ideas as to how I can configure my dns to not roll to the secondary (MX=20) server in order to no get the 550 message while greylisting? Regards and thank you in advance.