Re: [Exim] Reaction to rude 554 greeting

Author: James P. Roberts
Date:  
To: Eric Kuzniar, Exim List
Subject: Re: [Exim] Reaction to rude 554 greeting
> >>>if the host sending this 5xx is the primary MX host for the domain,
> >>>
> >>>
> >>Slight problem here. There may not be *a* primary MX. There may be
> >>several MX's with equal priority. But I don't think it affects your
> >>argument very much.
> >>
> >
> >Correct. It does not affect my argument at all. (I've lived with multiple
> >bosses of equal authority, and I learned really quickly to take the first
> >answer I got!)
> >
> >Jim Roberts
> >Punster Productions, Inc.
> >
> >
> But you never had the situation where one of the bosses was
> decommissioned but that information just didn't propagate to you yet.
> Interpret 554 to be something along the lines of that decommissioned boss
> saying I cannot answer that for you. It's not 5xx we are talking about,
> but rather the specific code of 554. The original request that started
> this thread was not for all 5xx to be treated as 4xx, but rather that
> 554 itself could be handled differently. While there may be many
> postmasters who would blacklist someone trying to get around their 500
> level return those postmasters shouldn't be sending out a 554 on connect.
>
>     Eric


Actually, I've had exactly that situation! If one boss says "I can't answer
that for you" the correct response is to ask "why not?" Immediately going to
the next boss without getting further clarification from the first boss would
be a remarkably poor idea.

(The answer, btw, was, "Because I'm leaving for a new job *big smile*" - which
then permitted me to go ask another boss without getting in trouble. Had the
answer been "I'm not at liberty to tell you," I would ask, "Should I ask
another boss?" which might get me a "Sure, go ahead" or it might get me a
"Don't bother" either of which clarifies enough to determine a safe course of
action. The point of all this? If you get a 554, FIND OUT WHY before you go
off asking all the other MX's. More work for you? Perhaps, but that's your
job. Why risk getting yourself black-listed for trying to go around a
deliberate block? And a 554 on connect is nothing if not a deliberate block.)

I argue that the DNS MX records "should" never point to a server that responds
with 554 on connect. The error here thus probably lies with the DNS records.
That is, the "Big Boss" (DNS) should have told everyone that the "boss" (MX)
in question was being decommissioned, instead of causing all those questions
to that boss to bounce until the office was cleared out.

I just love analogies, don't you? ;)

If the desire is to have clients "try the next MX", the correct way to do so
is to reject the initial IP connection. That is the universally recognized,
unambiguous method of doing so. If you get a 554, it's a reasonable bet that
the secondary MX's will give you the same answer, anyway. Because using 554
would be appropriate if the entire domain were being de-commissioned, rather
than a single server.

(There are probably other uses for 554, but I am responding only to an example
of de-commissioning.)

Jim Roberts
Punster Productions, Inc.
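
The distinction argued in this message (a refused TCP connection means "try the next MX", while a 554 greeting is a deliberate refusal that should stop the walk) can be sketched as follows. This is an added example, not part of the original post and not Exim's own logic; the host names, sample greetings, function names and the handling of a 4xx greeting are assumptions.

```python
from enum import Enum

class Action(Enum):
    PROCEED = "greeting accepted, continue with EHLO"
    TRY_NEXT_MX = "no usable answer from this host, try the next MX"
    STOP_AND_BOUNCE = "deliberate refusal, stop and report the reason"

# Constructed sample data: two equal-preference MX hosts and what each returns.
MX = [(10, "mx1.example.test"), (10, "mx2.example.test")]
GREETS_554 = {
    "mx1.example.test": b"554-mx1.example.test\r\n554 No SMTP service here\r\n",
    "mx2.example.test": b"220 mx2.example.test ESMTP\r\n",
}
REFUSED = {
    "mx1.example.test": ConnectionRefusedError("connection refused"),
    "mx2.example.test": b"220 mx2.example.test ESMTP\r\n",
}

def parse_greeting(raw: bytes):
    """Return (code, text) from a possibly multi-line SMTP greeting."""
    lines = raw.decode("ascii", "replace").splitlines()
    if not lines or not lines[0][:3].isdigit():
        raise ValueError("not an SMTP reply")
    code = lines[0][:3]
    # Continuation lines look like "554-text"; the final line is "554 text".
    text = " ".join(l[4:].strip() for l in lines if l.startswith(code))
    return int(code), text

def classify(outcome):
    """outcome is an OSError (TCP connect failed) or the raw greeting bytes."""
    if isinstance(outcome, OSError):
        return Action.TRY_NEXT_MX, str(outcome)
    code, text = parse_greeting(outcome)
    if 200 <= code < 300:
        return Action.PROCEED, text
    if 500 <= code < 600:
        return Action.STOP_AND_BOUNCE, text  # keep the text: "find out why"
    # Assumption: a 4xx greeting is temporary, so the next MX may be tried.
    return Action.TRY_NEXT_MX, text

def walk_mx(mx_records, outcomes):
    """Walk MX hosts in preference order; return (contacted, action, reason)."""
    contacted = []
    for _pref, host in sorted(mx_records):
        action, reason = classify(outcomes[host])
        contacted.append(host)
        if action is not Action.TRY_NEXT_MX:
            return contacted, action, reason
    return contacted, Action.TRY_NEXT_MX, "no MX accepted the connection"
```

With the 554 sample the walk ends at the first host and carries its greeting text into the bounce; with the refused connection it moves on to the second host.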