--
On Wed, Nov 20, 2002 at 09:56:58AM -0800, Marcelo Moreira wrote:
> From: "Steven R. Bourque" <sbourque@???>
> > Our mail server is secondary for some domains, and it is
> > relaying/accepting the mail fine for those domains.
>
> Ok.
>
> > As soon as it gets the mail and accepts it, it appears to check DNS for
> > the MX records, and sees that the next one from the primary (which is
> > down) is address 207.139.193.66 and tries to send it there. The
> > firewall receives it and sends it back to 10.10.6.70, this process goes
> > on until it detects the loop and the message is dropped.
>
> So you mean your primary is down ?!?!?!
> And what about when it is up, does this configuration works fine ?
When the primary is up everything works great.. just as planned.
>
> This is happening (I think !!!!), because the backup server is
> 207.139.193.66 (which in turn, tunnels to 10.10.6.70).
> You need to configure 10.10.6.70 also as an intermediate backup server for
> the domains. This way, the mails will not loop anymore, since they are
> already there, and will only leave to go to the primary server, whenever it
> comes back up.
>
> For example, let's assume you have this...
>
> domain.com MX 10 primary.domain.com
> domain.com MX 20 207.139.193.66
>
> Then insert a MX entry like this:
> domain.com MX 15 10.10.6.70
But then we would be advertising private addresses for MX records,
obviously people won't be able to connect to them, unless the internally
are running a mail server on the same IP, but still. I frown upon doing
that.
I do agree that your suggestion will work, but is there a more cleaner
way to do that? Any way to tell exim that if it is for the
207.139.193.66 address to keep it! :)
Thanks
--
\Steven.
/*
| Steven R. Bourque, CCNA
/"\ | Network Engineer
\ / ASCII ribbon campaign | Packet Works Inc.
X against HTML email | p: 519.579.4507. f: 519.579.8475.
/ \ | http://www.packetworks.net
| PGP ID: 0x373AB23B
*\
--
[ Content of type application/pgp-signature deleted ]
--
