I've multiple internet connctions coming to my network. Can i have multiple nics to have different public ip to achive different mx recodrs. e.g. nic1 - mx1.123.com - nic2 -mx2.123.com and so on and each interface is connecting to a different service provider. does this help if mx1 get black listed?

Multi-home PC allows only one default gateway per server. You may use route add command to route your traffic properly. As long as you don't have routing issue, the answer is why not.

It seems like a good strategy for fault tolerance to a provider outage, but questionable for protection against blacklisting. Blacklisting only applies to outbound email, and if one of the addresses / hostnames gets blacklisted there's no guarantee it's going to choose the right one to use for delivery.

you can change routing prority settings with route add command to change the default routing to public network or change the blacklist IP address from the NIC. make sure you use route add with -p switch, otherwise, after reboot, all entries will be gone.

A mail server that starts changing it's IP address in response to being blacklisted doesn't do good things for your sender reputation. IMHO.

so what is the best practice. i want to avoid the downtime once the server get blacklisted. I have an option to go for the hosted services like from McAfee but why not build it in-house. suggesstions please.

"Best practice" is to avoid doing the things that normally get servers blacklisted. You can set it up to only use one connection for outbound, and switch it over to the other if you need to. If you set it up to use both, then whatever got you blacklisted on one is probably going to get you blacklisted on the other as well. If you get blacklisted, and immediately start changing IP addresses it makes you look like you were expecting to get blacklisted.

so I don't need to have multiple boxes. I can have multiple NIC while using the same box and change the ip when it is black-listed.

Yes, you can. I'm curious though, why you seem to expect to get blacklisted.

you never know. i've faced this problem and the company was put of business for three days. it was outside USA. Even for us email is very critical and I must have a backup plan.

Contingency planning is always good. Another option would be to contact your service providers about using one of their mailservers as a relay if you need to. If they set it up to accept mail from your server in advance, it's just a matter of switching from deliver by MX to using their mailserver as a smarthost. In my experience most of them will also provide inbound relay, and will accept and queue mail for your domain if you have a server failure. You just set them up as a secondary or tertiary MX, and it's pretty much an automatic failover.

Best Practice is one Public NIC per Edge server. You may have multiple Edge servers for load balance or backup. You can set MX perference for incoming mails to which edge you want to use. You never know one day you may get it screwed up by yourself or someone else. It's hard to get whitelist right away on Internet nowsday. Change sending IP is an option, of course, you should never abuse it.