[Exim] When the lowest numbered MX is firewalled.

Author: Thorkild Stray
Date:  
To: exim-users
Subject: [Exim] When the lowest numbered MX is firewalled.
Hi!

I have a small problem with delivering mails to a couple of domains.
These domains have MX-records like this:

[mail.com is not the real domain]

adm.mail.com          MX      5 gw.mail.com
adm.mail.com          MX      10 recv.mail.com


gw.mail.com does not allow connections directly to itself, it is
firewalled. To send mail, one must send it to recv.mail.com, which is
allowed to connect to the gw directly.

Now, this all works, because Exim will try recv when gw doesn't work.

The problem is when this has been going on for a while. Then the
"gw.mail.com" machine is blacklisted in Exim and it is bounced with:

    retry time not reached for any host after a long failure period


because the gw has had a long failure period.

I have thought of a couple of ways to handle this, amongst others:

1) Specific routing for this domain (not good, since it probably isn't
the only one).

2) setting retry_data_expire to be lower than the final bounce-limit.
But this means mail will never be bounced because it never reaches
the limit.

Neither of these seems to be the correct solution. What is the best way
of handling this?

I searched the archive and found a reference that said deliveries to
fedex.com had the same problem, but it did not list a better solution.

--
Thorkild