Sanford,
Thursday, May 30, 2002 you wrote:
SW> In what situations would relaying for the backup be a requirement?
That's easy enough. The case where someone has 2 IMAIL servers, A
and B, and each on separate networks. A is backup for B and B is
backup for A.
I did test this too and you have to put both machines's IP in each
other's ACL to make the backup work.
I just tested this whole thing again, too, just to remind myself what
happens.
I have a primary server A_domain and backup B_domain.
I send a message to b_domain with rcpt_to written as
"name%C_domain@A_domain".
B_domain accepts this message because it is a backup for A_domain.
B_domain sends the message on to A_domain.
A_domain then sends the message to "name" at C_domain.
That is in the case where B_domain is also in the ACL of A_domain.
I have not tested Eric's solution of removing B_domain from the ACL of
A_domain but I assume Eric has tested this and that he is correct.
Regardless, there is something puzzling about the way in which IMAIL
handles the percent-sign e-mail address.
If you have an address like "account@A_domain" then a message to that
address should be delivered to "account" on "A_domain".
In the IMAIL case and where "account" has a percent sign in it the
IMAIL backup server (B_domain in my example) is perfectly capable of
parsing the address, determining the domain (A_domain), looking in the
HOSTS file to find A_domain's IP address, and checking the ACL to see
if relaying is allowed for A_domain. So it seems to me that IMAIL
really does know how to find the domain for this address. It makes
sense that the part of the address that is not the domain is the
account name.
B_domain cannot ascertain if "account" is a valid account on A_domain
so B_domain simply sends on the message at the first opportunity.
So in my opinion there is nothing wrong up to this point and certainly
it is demonstrated that IMAIL can determine the domain of the address.
But now A_domain server receives the message which is still addressed as
"account@A_domain". But "account" actually looks like this:
"account2%C_domain"
What should happen it seems to me is that IMAIL should check to see if
this entire account name exists for the A_domain and if it does it
then should deliver the message. If the account name does not exist
then it should bounce it.
And this is what happens in the situation where you send the same
message to the A_domain server directly and not from the backup mail
server.
But in the case where the message is sent from the backup mail server
IMAIL treats the account name as a new message address. At least in
the case where the backup mail server (B_domain) is authorized as a
relaying address for the A_domain (or if no relaying restrictions
exist) then IMAIL on A_domain will endeavor to deliver the message to
"account2" at the C_domain. qed.
I'm surprised IMAIL handles the message differently where there is no
ACL for the backup.
Regardless the fact remains that IMAIL is handling the ACCOUNT part of
the address differently when it is received from a backup mail server
and when it has a percent sign in it.
This seems incorrect to me and I personally would still classify it as
a "bug" or at least a decidedly strange feature.
It is an interesting issue at any rate.
Terry
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit the Knowledge Base for answers to frequently asked
questions: http://www.ipswitch.com/support/IMail/
