[xmail] Re: undeliverables coming to secondary server
Thanks for the info Jeff, but the primary server has the postmaster set as = the main domain on that server, not the pmnhg.net. The mystery continues...=20 >>> [EMAIL PROTECTED] 02/06/04 09:04PM >>> Dale Qualls wrote: >Hiya gang: > >I'm going to ask this question again, as I haven't yet received a reply = =3D >regarding it. > >Here's my config > >Primary Server (admin domain is fvgsc.org) >one of the domains on this server is thequallsfamily.com > >Backup Server (admin domain is pmnhg.net) >thequallsfamily is a custom domain on this server doing smtp relay in = case =3D >the primary is down (this works, tested by taking the primary down, =3D >sending messages then bringing the primary up later and the messages get = =3D >pushed over by the backup) > >If a message goes to the Primary (as in the message below to [EMAIL PROTECTED] l=3D >sfamily.com did) and the user doesn't exist on the domain (just as sales = =3D >doesn't exist), the message then comes to the backup server (instead of = =3D >going back to the sender as a 550). The backup server ends up with the = =3D >message frozen (which is where the message below came from) as a message = =3D >from the postmaster on the backup server. > >Shouldn't the message go back to the sender from the primary server and = =3D >never even be looked at by the secondary except to do the relay back to = =3D >the primary? > >Also, it seems like a lot of messages come to the secondary even though = =3D >the primary is never down (it's on a full T-1 and it is NOT a busy = domain, =3D >I'd guess less than a couple hundred messages a day). It could be that = =3D >only the undeliverables for thequallsfamily.com come to the backup, but = =3D >I'd guess that they should never interact with the [EMAIL PROTECTED] = as =3D >far as an undeliverable message goes) > >Any advice? Maybe I have something configured wrong? I followed the = docs =3D >exactly (at least I believe so). > >Thanks!! > =20 > Do you have the postmaster parameter in the server.tab file for primary=20 server set to [EMAIL PROTECTED] I'm guessing here but I think what=20 is happening is the primary server is bouncing the mail sent to "sales"=20= using [EMAIL PROTECTED] as the Mail From value. Since the mail is=20 using a forged address the bounce message is bouncing back to=20 [EMAIL PROTECTED] on your secondary server as undeliverable. Jeff >Here is one of the messages that keeps getting frozed because it has no = =3D >place to go. > >**= *=3D > > >127.0.0.1:0;127.0.0.1:0;Wed, 4 Feb 2004 04:48:55 -0600 >pmnhg.net >XA4E >MAIL FROM:<[EMAIL PROTECTED]> >RCPT TO:<[EMAIL PROTECTED]> ><> >X-AV-Scanned: yes 64bac0815050b73791b8520b5bb6a126 >Date: Wed, 4 Feb 2004 04:48:55 -0600 >X-MessageId: <1075891733340.1015835.MAIL2> >X-SmtpMessageId: >From: pmnhg.net PostMaster <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Error sending message [1075891733340.1015835.MAIL2] from =3D >[pmnhg.net] >X-MailerServer: XMail 1.17 (Linux/Ix86) >X-MailerError: Message =3D3D [1075891733340.1015835.MAIL2] Server =3D3D = =3D >[pmnhg.net] > >[<00>] XMail bounce: [EMAIL PROTECTED];Error=3D3D[550 = =3D >Mailbox unavailable <[EMAIL PROTECTED]>] > > >[<01>] Error sending message [1075891733340.1015835.MAIL2] from [pmnhg.net= ]=3D >.. > >ID: >Mail From: <[EMAIL PROTECTED]> >Rcpt To: <[EMAIL PROTECTED]> >Server: [66.147.129.196] > > >[<02>] The reason of the delivery failure was: > >550 Mailbox unavailable <[EMAIL PROTECTED]> > > >[<05>] Here is listed the initial part of the message: > >X-AV-Scanned: yes d46ec02fcd728750fc3fc38f5dafebf9 >Received: from ns2.flibbermail.com (62.85.3.131:4415) > by pmnhg.net with [XMail 1.17 (Linux/Ix86) ESMTP Server] > id for <[EMAIL PROTECTED]> from <[EMAIL PROTECTED] =3D >cana.com>; > Wed, 4 Feb 2004 04:48:52 -0600 >Received: (from [EMAIL PROTECTED]) >by ns2.flibbermail.com (8.12.3/8.12.3/Debian-6.3) with ESMTP id =3D >J87Gz033128256 >for <[EMAIL PROTECTED]>; Wed, 4 Feb 2004 10:45:19 + = (GMT) >(envelope-from www) >Message-ID: <[EMAIL PROTECTED]> >From: "Regena Shepherd" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Website Intro and Animated Logo Design >Date: Wed, 4 Feb 2004 10:45:19 + (GMT) >X-AntiAbuse: This header was added to track abuse, please include it with = =3D >any abuse report >X-AntiAbuse: Primary Hostname - ns2.flibbermail.com >X-AntiAbuse: Original Domain - ns2.flibbermail.com >X-AntiAbuse: Originator/Caller UID/GID - [80 80] / [80 80] >X-AntiAbuse: Sender Address Domain - >MIME-Version: 1.0 >Content-Type: multipart/alternative; >boundary=3D3D"=3D3D_NextPart_000_0222_01C3C64F.FBD71A00" >=3D09 >This is a multi-part message in MIME format. > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in th
[xmail] Re: undeliverables coming to secondary server
This all makes sense, sort of, but I find it hard to believe that big = companies or isp's actually create the users on all of their servers to = avoid this. Maybe something else is configured incorrectly?? >>> [EMAIL PROTECTED] 02/06/04 05:17PM >>> There is no requirement that SMTP servers deliver only to the primary=20 server for a domain. Any MX record is valid for delivery, regardless of=20 whether the "primary" server is available. So, in essence, the only way = to=20 force all mail to the primary server is to have no secondary (insofar as = I=20 know - if there is a way, I haven't encountered it). As far as bounced mail from the primary going to the secondary, it = sounds=20 like a broken mailer - check your mail logs on the primary to determine=20 whether the mail was rejected (it likely was). If so, the sending = mailier=20 is retrying the next MX it finds for the domain before "giving up" on=20 delivery. This would be valid for a temporary failure error, but I'm = not=20 sure it's valid for a permanent failure error. Finally, as far as how to prevent the messages from queuing in the=20 secondary server, I'm not quite sure how to do that. Of course, it's=20 perfectly legitimate to accept all messages and only deliver those = which=20 are addressed to valid accounts (most of the remaining mail will either = be=20 spam or incorrectly addressed mail) - if you want to do that, I believe = the=20 option to remove spool errors will suffice. However, the original = sender=20 will never know those messages aren't delivered, so you would probably = want=20 to be able to review them (for possible misspelled email addresses) - = which=20 is the whole purpose behind having them frozen. In order to have mail addressed to invalid users rejected on your = secondary=20 server, it would have to be aware of the valid users. This is what I'm = not=20 quite sure how to do - I was originally thinking that setting up the = domain=20 on the secondary server with all the users as normal, then adjusting = the=20 mailproc.tab for each user - but I don't think that will work as I was=20 thinking. The only thing that actually seems to me that it might work = would=20 be to set up an alias domain on the primary server and redirect from = the=20 secondary to that primary. For instance, if you are dealing with=20 thequallsfamily.com as the domain, set up: Primary: thequallsfamily.com <-- has all the users in it, just as normal redir.thequallsfamily.com <-- the domain that the secondary delivers = to Secondary: thequallsfamily.com <-- has all the users in it, just like = primary,=20 except has mailproc.tab for each user to redirect mail to=20 redir.thequallsfamily.com The mailproc.tab file would look something like (assuming user "schmoo"): "redirect" "[EMAIL PROTECTED]" This allows both servers to recognize valid and invalid mailboxes, and=20 accept delivery only for those items which are addressed to valid = users.=20 Using the alias domain for redirecting from the secondary to the primary=20= gives you a way to make sure the messages reach the primary, since the=20 alias domain is not local to the secondary server (otherwise the redirected= =20 message might be delivered locally to the secondary server and either = get=20 stuck or form a mail routing loop). Problem is, I have no idea if this will actually work (and it's definitely= =20 a *high maintenance* solution). I've not actually tried this, so at = this=20 point, it's just theory. Perhaps someone will have a better idea. At 17:53 2/6/2004, Dale Qualls wrote: >Hiya gang: > >I'm going to ask this question again, as I haven't yet received a reply = =3D >regarding it. > >Here's my config > >Primary Server (admin domain is fvgsc.org) >one of the domains on this server is thequallsfamily.com > >Backup Server (admin domain is pmnhg.net) >thequallsfamily is a custom domain on this server doing smtp relay in = case =3D >the primary is down (this works, tested by taking the primary down, =3D >sending messages then bringing the primary up later and the messages get = =3D >pushed over by the backup) > >If a message goes to the Primary (as in the message below to [EMAIL PROTECTED] l=3D >sfamily.com did) and the user doesn't exist on the domain (just as sales = =3D >doesn't exist), the message then comes to the backup server (instead of = =3D >going back to the sender as a 550). The backup server ends up with the = =3D >message frozen (which is where the message below came from) as a message = =3D >from the postmaster on the backup server. > >Shouldn't the message go back to the sender from the primary server and = =3D >never even be looked at by the secondary except to do the relay back to = =3D >the primary? > >Also, it seems like a lot of messages come to the secondary even though = =3D >the primary is never down (it's on a full T-1 and it is NOT a busy = domain, =3D >I'd guess less than a couple hundred messages a day). It could be that = =
[xmail] Re: undeliverables coming to secondary server
Dale Qualls wrote: >Hiya gang: > >I'm going to ask this question again, as I haven't yet received a reply = >regarding it. > >Here's my config > >Primary Server (admin domain is fvgsc.org) >one of the domains on this server is thequallsfamily.com > >Backup Server (admin domain is pmnhg.net) >thequallsfamily is a custom domain on this server doing smtp relay in case = >the primary is down (this works, tested by taking the primary down, = >sending messages then bringing the primary up later and the messages get = >pushed over by the backup) > >If a message goes to the Primary (as in the message below to [EMAIL PROTECTED] >sfamily.com did) and the user doesn't exist on the domain (just as sales = >doesn't exist), the message then comes to the backup server (instead of = >going back to the sender as a 550). The backup server ends up with the = >message frozen (which is where the message below came from) as a message = >from the postmaster on the backup server. > >Shouldn't the message go back to the sender from the primary server and = >never even be looked at by the secondary except to do the relay back to = >the primary? > >Also, it seems like a lot of messages come to the secondary even though = >the primary is never down (it's on a full T-1 and it is NOT a busy domain, = >I'd guess less than a couple hundred messages a day). It could be that = >only the undeliverables for thequallsfamily.com come to the backup, but = >I'd guess that they should never interact with the [EMAIL PROTECTED] as = >far as an undeliverable message goes) > >Any advice? Maybe I have something configured wrong? I followed the docs = >exactly (at least I believe so). > >Thanks!! > > Do you have the postmaster parameter in the server.tab file for primary server set to [EMAIL PROTECTED] I'm guessing here but I think what is happening is the primary server is bouncing the mail sent to "sales" using [EMAIL PROTECTED] as the Mail From value. Since the mail is using a forged address the bounce message is bouncing back to [EMAIL PROTECTED] on your secondary server as undeliverable. Jeff >Here is one of the messages that keeps getting frozed because it has no = >place to go. > >***= > > >127.0.0.1:0;127.0.0.1:0;Wed, 4 Feb 2004 04:48:55 -0600 >pmnhg.net >XA4E >MAIL FROM:<[EMAIL PROTECTED]> >RCPT TO:<[EMAIL PROTECTED]> ><> >X-AV-Scanned: yes 64bac0815050b73791b8520b5bb6a126 >Date: Wed, 4 Feb 2004 04:48:55 -0600 >X-MessageId: <1075891733340.1015835.MAIL2> >X-SmtpMessageId: >From: pmnhg.net PostMaster <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Error sending message [1075891733340.1015835.MAIL2] from = >[pmnhg.net] >X-MailerServer: XMail 1.17 (Linux/Ix86) >X-MailerError: Message =3D [1075891733340.1015835.MAIL2] Server =3D = >[pmnhg.net] > >[<00>] XMail bounce: [EMAIL PROTECTED];Error=3D[550 = >Mailbox unavailable <[EMAIL PROTECTED]>] > > >[<01>] Error sending message [1075891733340.1015835.MAIL2] from [pmnhg.net]= >.. > >ID: >Mail From: <[EMAIL PROTECTED]> >Rcpt To: <[EMAIL PROTECTED]> >Server: [66.147.129.196] > > >[<02>] The reason of the delivery failure was: > >550 Mailbox unavailable <[EMAIL PROTECTED]> > > >[<05>] Here is listed the initial part of the message: > >X-AV-Scanned: yes d46ec02fcd728750fc3fc38f5dafebf9 >Received: from ns2.flibbermail.com (62.85.3.131:4415) > by pmnhg.net with [XMail 1.17 (Linux/Ix86) ESMTP Server] > id for <[EMAIL PROTECTED]> from <[EMAIL PROTECTED] >cana.com>; > Wed, 4 Feb 2004 04:48:52 -0600 >Received: (from [EMAIL PROTECTED]) >by ns2.flibbermail.com (8.12.3/8.12.3/Debian-6.3) with ESMTP id = >J87Gz033128256 >for <[EMAIL PROTECTED]>; Wed, 4 Feb 2004 10:45:19 + (GMT) >(envelope-from www) >Message-ID: <[EMAIL PROTECTED]> >From: "Regena Shepherd" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Website Intro and Animated Logo Design >Date: Wed, 4 Feb 2004 10:45:19 + (GMT) >X-AntiAbuse: This header was added to track abuse, please include it with = >any abuse report >X-AntiAbuse: Primary Hostname - ns2.flibbermail.com >X-AntiAbuse: Original Domain - ns2.flibbermail.com >X-AntiAbuse: Originator/Caller UID/GID - [80 80] / [80 80] >X-AntiAbuse: Sender Address Domain - >MIME-Version: 1.0 >Content-Type: multipart/alternative; >boundary=3D"=3D_NextPart_000_0222_01C3C64F.FBD71A00" >=09 >This is a multi-part message in MIME format. > > >- >To unsubscribe from this list: send the line "unsubscribe xmail" in >the body of a message to [EMAIL PROTECTED] >For general help: send the line "help" in the body of a message to >[EMAIL PROTECTED] > > > > - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: undeliverables coming to secondary server
There is no requirement that SMTP servers deliver only to the primary server for a domain. Any MX record is valid for delivery, regardless of whether the "primary" server is available. So, in essence, the only way to force all mail to the primary server is to have no secondary (insofar as I know - if there is a way, I haven't encountered it). As far as bounced mail from the primary going to the secondary, it sounds like a broken mailer - check your mail logs on the primary to determine whether the mail was rejected (it likely was). If so, the sending mailier is retrying the next MX it finds for the domain before "giving up" on delivery. This would be valid for a temporary failure error, but I'm not sure it's valid for a permanent failure error. Finally, as far as how to prevent the messages from queuing in the secondary server, I'm not quite sure how to do that. Of course, it's perfectly legitimate to accept all messages and only deliver those which are addressed to valid accounts (most of the remaining mail will either be spam or incorrectly addressed mail) - if you want to do that, I believe the option to remove spool errors will suffice. However, the original sender will never know those messages aren't delivered, so you would probably want to be able to review them (for possible misspelled email addresses) - which is the whole purpose behind having them frozen. In order to have mail addressed to invalid users rejected on your secondary server, it would have to be aware of the valid users. This is what I'm not quite sure how to do - I was originally thinking that setting up the domain on the secondary server with all the users as normal, then adjusting the mailproc.tab for each user - but I don't think that will work as I was thinking. The only thing that actually seems to me that it might work would be to set up an alias domain on the primary server and redirect from the secondary to that primary. For instance, if you are dealing with thequallsfamily.com as the domain, set up: Primary: thequallsfamily.com <-- has all the users in it, just as normal redir.thequallsfamily.com <-- the domain that the secondary delivers to Secondary: thequallsfamily.com <-- has all the users in it, just like primary, except has mailproc.tab for each user to redirect mail to redir.thequallsfamily.com The mailproc.tab file would look something like (assuming user "schmoo"): "redirect" "[EMAIL PROTECTED]" This allows both servers to recognize valid and invalid mailboxes, and accept delivery only for those items which are addressed to valid users. Using the alias domain for redirecting from the secondary to the primary gives you a way to make sure the messages reach the primary, since the alias domain is not local to the secondary server (otherwise the redirected message might be delivered locally to the secondary server and either get stuck or form a mail routing loop). Problem is, I have no idea if this will actually work (and it's definitely a *high maintenance* solution). I've not actually tried this, so at this point, it's just theory. Perhaps someone will have a better idea. At 17:53 2/6/2004, Dale Qualls wrote: >Hiya gang: > >I'm going to ask this question again, as I haven't yet received a reply = >regarding it. > >Here's my config > >Primary Server (admin domain is fvgsc.org) >one of the domains on this server is thequallsfamily.com > >Backup Server (admin domain is pmnhg.net) >thequallsfamily is a custom domain on this server doing smtp relay in case = >the primary is down (this works, tested by taking the primary down, = >sending messages then bringing the primary up later and the messages get = >pushed over by the backup) > >If a message goes to the Primary (as in the message below to [EMAIL PROTECTED] >sfamily.com did) and the user doesn't exist on the domain (just as sales = >doesn't exist), the message then comes to the backup server (instead of = >going back to the sender as a 550). The backup server ends up with the = >message frozen (which is where the message below came from) as a message = >from the postmaster on the backup server. > >Shouldn't the message go back to the sender from the primary server and = >never even be looked at by the secondary except to do the relay back to = >the primary? > >Also, it seems like a lot of messages come to the secondary even though = >the primary is never down (it's on a full T-1 and it is NOT a busy domain, = >I'd guess less than a couple hundred messages a day). It could be that = >only the undeliverables for thequallsfamily.com come to the backup, but = >I'd guess that they should never interact with the [EMAIL PROTECTED] as = >far as an undeliverable message goes) > >Any advice? Maybe I have something configured wrong? I followed the docs = >exactly (at least I believe so). > >Thanks!! > >Here is one of the messages that keeps getting frozed because it has no = >place to go. > >***
