Your downstream MTA is supposed to accept all mail from your MTA. That's why the option says ..forward ALL mail... (emphasis added). To resolve this issue, mail for domains which this external MTA is authoritative should be sent through another connector.
On 07/18/03 09:56, "Phillips, Alan" <[EMAIL PROTECTED]> wrote: > We've recently worked out the what's going on with a problem we're seeing with > outbound SMTP mail flow from E2K. > > On our live system (2 back-ends, 2 front-ends and a legacy Ex55 IMS system > that we're in the process of removing) outbound mail normally flows through > the FE's, but sometimes goes out via the IMS (a higher cost route that > shouldn't be used) for a period of several minutes. > > On a test system we found we can provoke the problem at will. We took a W2K > SP3 system running E2K SP3, with an SMTP connector set to route all mails to a > downstream Unix system running Exim 4.20 as MTA, and it goes like this: > > - Exchange initiates an SMTP connection to the downstream MTA > - It sends a RCPT TO with an invalid address, and the command is rejected by > the MTA with a 550 - in some cases a single line message, sometimes a > multi-line message > - An NDR goes back to the sender > - The routing engine logs a 977 event "Following connector failed to connect > to its target bridgehead..." > - A "link down" event is distributed round the routing group > > All further outbound mail is now queued on the "messages for unreachable > destination" queue. After 15 minutes the connector attempts an SMTP connection > to the downstream system, succeeds, and the link is brought up. > > If we change the SMTP connector configuration to "Use DNS to route to each > address space" everything works fine. We can't use this in live service, > though, since we have to have all outbound mail handled by our central hub > systems. > > Anyone got any comments? It seems like this is one for PSS - taking a link > down just because a recipient is rejected by the downstream system does not > seem a sensible thing to do - actually it's a good way for users to do a DOS > attack, just by mailing to non-existent addresses....... > > Thanks > > Alan _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
