>Why should'nt Imail try the secondary mailservers if it get a 421??
>According to RFC821 the 421 error means:
>421 <domain> Service not available, closing transmission channel
Correct. But "Service not available" is a human description, not a
computer description. To a human, it could mean that the server will never
accept SMTP commands. But to a computer, if you look at Appendix E of
RFC821, it says "The sender should return to the beginning of the command
sequence."
>I thought that a secondary mailservers should be used in cases where
>"<domain> Service not available",
No. The secondaries are typically used when the primary is not
reachable. If the primary is reachable, there is usually no need to go to
a secondary (IE if the primary returns "No such user", no mailserver will
try sending the mail to the backup mailsever, even if it does accept mail
for that user).
>The ISP that I have the problem with, explained that the DNS setup was made
>that way because their secondary mailservers is the only servers that is
>allowed to send mail to the primary mailserver (security isue),
That's a common setup. But with that setup, the primary shouldn't be
listed in the MX records (so the secondaries would in reality be
primaries). For example, if you have 2 IMGate servers that forward mail to
your IMail server for security reasons, you don't have the IMail server
listed in the MX records.
>so all mailconnections is refused at the primary,
Which is the source of their problems. If you went to a store and there
was a big "WE ARE CLOSED TODAY" sign on the front of the store, would you
try going to a back door to see if it was unlocked?
>They are a huge ISP
In that case the are allowed to make up their own rules.
Of course, nobody has to follow their rules.
Have they given thought to the huge amount of wasted bandwidth in DNS
lookups and multiple TCP/IP connections to the primary mailserver?
>and according to them a lot of others isp's has the same config
Yes, lots do. But they have it set up correctly, without the final
destination listed in the MX records, if they don't want mail going there.
>I can't solve it by adding their secondary server to a host file (to much
>work to
>find thoose setups).
GOOD! Then you are forcing the huge ISP to take care of the problem
somehow (fix the problem or lose a customer, most likely). There is no
reason you should have to hack up your mailserver to get mail to an ISP
that has a very poorly designed mail system.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/