We use a Symantec Enterprise Firewall that sends a 421 to the mailserver if the destination mailserver is down. I found this on Symantecs website:
<SNIP> SMTPD then tries to connect to the destination server and finds that it is down or unreachable. SMTPD then sends a 421 "service not available" error message back to the internal email server to tell it to move along to the next MX record with a higher priority. AXENT Technical Support have found that some mail servers will not roll over to the second MX record because they do not properly interpret the 421 SMTP error message returned by the firewall. The mail server believes it has already made a successful connection with the remote mail server when it has only communicated with the Raptor Firewall's SMTP proxy. The SMTP server will not even try the second MX record. </SNIP> So according to Symantec it is Imail that has the wrong behavior. Best regards Claus Pedersen -----Original Message----- From: R. Scott Perry [mailto:[EMAIL PROTECTED]] Sent: 27. februar 2002 15:03 To: [EMAIL PROTECTED] Subject: RE: [IMail Forum] Imail do not send mail to backup mailservers >It depends on the response of the other mailserver. If imail gets the >answer "421 SMTP service not available, closing transmission channel" , >it never tries to send the mail to a backup mailserver. That's the correct behavior. The 421 code tells IMail that it should retry later. It specifically means that the mail server will later be able to accept the mail. >I had the same problem with some domains. All messages sent to these >domains bounce back. I talked to one of these domains?s postmaster and >he told me that their primary mailserver is only for internal mails, >for mails from outside their secondary mailserver is responsible. That's a very poor network design. It would work if the primary mailserver returned the correct "554" response, which essentially tells IMail "We're not going to go through with an SMTP transaction, you'll have to try another MX record". >They were not willing to change their setup. Since the bozos there have it set up wrong, and will not fix it, they will lose a lot of mail. >Because this is a important customer of us, we set up an UNIX gateway. For others, if there is a very important customer with a very poorly designed mail server like this, you can add: 192.168.100.12 example.com to the \winnt\system32\drivers\etc\HOSTS file on the IMail server (replacing 192.168.100.12 with their backup MX record, and replacing "example.com" with the domain in question), and IMail will send the mail directly to their backup mail server. -Scott --- Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for IMail. http://www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
