I have been doing some reading about spam and secondary MXs recently. We currently use our ISPs backup MX service, simply because we are a small business at one location and we don't have backup mail servers. I'm told that often spammers will send to the second MX in order to bypass the spam checking on the main mail server. Our mail server is an Exchange 2003 SP2 (under SBS 2003) box.
So the questions I have are:
1. Why would sending to the secondary MX allow spammers to evade spam filters? The backup MX server eventually has to send those e-mail to the main server, so wouldn't the main server just filter the incoming e-mails at that point, regardless of the source?
2. How do I tell which e-mails came through the secondary MX and which came in directly to primary? I'd like to check to see if we are acutally receiving any e-mail through our secondary MX on a regular basis.
Any insight on this would be much appreciated.