multiple IP's for single mx

on 02.03.2007 18:13:12 by Bob Bins

If a mail domain has a single MX record but that record's fqdn has multiple
IP's should the SMTP MTA try each IP or does it only need to try one? What
is the correct behavior? I know it should try each MX but I don't see
anywhere where it says it should try each IP.

Thanks

Re: multiple IP's for single mx

on 03.03.2007 00:32:40 by DFS

Bob wrote:

> If a mail domain has a single MX record but that record's fqdn has
> multiple IP's should the SMTP MTA try each IP or does it only need
> to try one?

It will probably only try one. I don't know what the RFCs specify, but
that is what I observe in the wild.

Regards,

David.

Re: multiple IP's for single mx

on 03.03.2007 06:02:24 by Mark Crispin

On Fri, 2 Mar 2007, David F. Skoll wrote:
>> If a mail domain has a single MX record but that record's fqdn has
>> multiple IP's should the SMTP MTA try each IP or does it only need
>> to try one?
> It will probably only try one. I don't know what the RFCs specify, but
> that is what I observe in the wild.

Gee, after all these years, is UNIX software still that broken? TOPS-20
mail software in the 1980s got this right.

All IPs are supposed to be tried, since a multihomed machine may be a
firewall bridge point and the first IP you get may be on the wrong side.

-- Mark --

http://panda.com/mrc
Democracy is two wolves and a sheep deciding what to eat for lunch.
Liberty is a well-armed sheep contesting the vote.

Re: multiple IP's for single mx

on 03.03.2007 07:03:03 by Neil W Rickert

"Bob" writes:

>If a mail domain has a single MX record but that record's fqdn has multiple
>IP's should the SMTP MTA try each IP or does it only need to try one? What
>is the correct behavior? I know it should try each MX but I don't see
>anywhere where it says it should try each IP.

This isn't really a mail question, it is a network question.
A system attempting to connect to another system should potentially
try all IP addresses of the destination system, until it finds one
that succeeds.

For mail, if a connect is successful but there is another temporary
error (say a 421 Not Available), then presumably the mail sender
should move on to another MX host and not try another IP for the
same MX host.

Actual mail implementations are all over the map on this. Our main
mail server has two IPs. Some mail senders, after getting "550
User unknown", will attempt to connect to the next IP address of
the server and try again. IMO that's broken.

--
DO NOT REPLY BY EMAIL - The address above is a spamtrap.

Neil W. Rickert, Computer Science, Northern Illinois Univ., DeKalb, IL 60115

Re: multiple IP's for single mx

on 05.03.2007 02:10:13 by DFS

Mark Crispin wrote:

> On Fri, 2 Mar 2007, David F. Skoll wrote:

>> It will probably only try one. I don't know what the RFCs specify, but
>> that is what I observe in the wild.

> Gee, after all these years, is UNIX software still that broken? TOPS-20
> mail software in the 1980s got this right.

> All IPs are supposed to be tried, since a multihomed machine may be a
> firewall bridge point and the first IP you get may be on the wrong side.

I don't know if it's UNIX software that is broken. For all I know,
it could just be ratware. All I'm saying is that I do observe the
behaviour (only one IP tried for a multihomed SMTP server) in the wild.

-- David.

Re: multiple IP's for single mx

on 05.03.2007 21:44:40 by Bob Bins

In my research I have not found any RFC's that explain at which point you
choose to jump to the next mx, next IP or defer.

Can someone tell me what document I can find the answers to the below
questions???

What if you have 3 messages queued, 2 messages get delivered then a
connection error occurs? Should you jump to the next mx, reconnect to the
same mx, or defer?

What if the RCPT command returns a 4xx error because the system is out of
disk space or the user's mailbox is full? Do you try the next mx? I would
think if the system was out of disk space you would want to try the next mx
but if the user's box was full you would not. Would this mean each return
code should be treated differently? In real life do most servers actually
return the correct codes or do most use generic codes that would not allow
me to tell?

What if you connect OK then try to receive the welcome and a
ConnectionReset error occurs. Do you try the next MX or the next MX IP?

Are there any other RFC's out there that you would suggest I read? Is there
a simple rule that I am overlooking that I could follow to answer these
questions?

Re: multiple IP's for single mx

on 13.03.2007 03:36:59 by Jem Berkes

"Bob" wrote in
news:DpOdndKOS6Ivx3XYnZ2dnUVZ_oOonZ2d@comcast.com:

> If a mail domain has a single MX record but that record's fqdn has
> multiple IP's should the SMTP MTA try each IP or does it only need to
> try one? What is the correct behavior? I know it should try each MX
> but I don't see anywhere where it says it should try each IP.

Since you want to maximize deliverability of mail, I think the best
practice is to iterate over each IP address for that fqdn until one of them
connects.

However, as others have said, I have also observed cases where only the
first IP address is attempted. This is probably due to lazy programming,
where the software only uses the first IP address in the list instead of
iterating over all of them.

--
Jem Berkes
www.sysdesign.ca
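
An added example, not part of any post in this thread and not taken from any MTA: a sketch of the fallback policy Neil W Rickert and Jem Berkes describe (next IP on connect failure, next MX on a 4xx after connecting, no retry elsewhere after a 5xx). The host names, addresses, reply codes and the `deliver`/`run` helpers are constructed for illustration, and DNS and SMTP are replaced by injected stand-ins so it runs offline.

```python
# Added example: IP-versus-MX fallback as described in the thread.
# All names, addresses and reply codes are constructed samples.

def deliver(mx_hosts, resolve, attempt):
    """Walk MX hosts in preference order; return (outcome, trace).

    mx_hosts      -> list of (preference, hostname) tuples
    resolve(host) -> list of IP strings (stand-in for an address lookup)
    attempt(ip)   -> None if the TCP connect failed, otherwise the SMTP
                     reply code (int) the session ended with
    """
    trace = []
    for _pref, host in sorted(mx_hosts):      # lowest preference first
        for ip in resolve(host):
            code = attempt(ip)
            trace.append((host, ip, code))
            if code is None:
                continue                      # connect failed: next IP, same host
            if 200 <= code < 300:
                return "delivered", trace
            if 500 <= code < 600:
                # Permanent reply such as "550 User unknown": asking another
                # IP of the same server, or another MX, is the behaviour the
                # thread calls broken.
                return "bounced", trace
            break                             # 4xx after connect: next MX host
    return "deferred", trace                  # nothing accepted it: queue, retry later


# Constructed topology: one multihomed primary MX and one backup MX.
SAMPLE_MX = [(20, "mx2.example.net"), (10, "mx1.example.net")]
SAMPLE_ADDRS = {
    "mx1.example.net": ["192.0.2.10", "192.0.2.11"],
    "mx2.example.net": ["198.51.100.5"],
}


def run(results):
    """results maps IP -> reply code; an IP that is absent refuses the connection."""
    return deliver(SAMPLE_MX, SAMPLE_ADDRS.__getitem__, results.get)


if __name__ == "__main__":
    print(run({"192.0.2.11": 250}))                        # second IP of mx1 accepts
    print(run({"192.0.2.10": 421, "198.51.100.5": 250}))   # 421 moves on to mx2
    print(run({"192.0.2.10": 550, "192.0.2.11": 250}))     # 550 is final
```
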