[Mimedefang] SMTP error return after DATA?

alan premselaar alien at 12inch.com
Fri May 9 14:09:01 EDT 2003


On 5/9/03 9:55 PM, "Michael Sims" <michaels at crye-leike.com> wrote:

...snip...
> 
> The only solution that I can think of is to have this exchanger relay to an
> internal dedicated MIMEDefang machine.  This way if the dedicated machine's
> load average goes up and it's start rejecting connections, my end users will
> not know about it and the primary exchanger will simply queue the message
> and retry in a few minutes.  Worst case scenario during a mail flood is that
> mail delivery is delayed by a few minutes.  I don't plan to run MIMEDefang
> at all on the public exchanger, so I should be able to handle plenty of
> concurrent SMTP connections without sending CPU utilization through the
> roof.
> 
> I had this notion a while back, and it was actually confirmed by a message
> that you posted to the list:
> 
> http://lists.roaringpenguin.com/pipermail/mimedefang/2003-April/005182.html
> 
> I guess my problem is that all of my internal users use the primary
> exchanger as their SMTP relay, but that's the way it's been for years, and
> changing this means reconfiguring 1000+ desktops.
> 
> If anyone has any other suggestions other than hardware upgrades I'd love to
> hear them...
> 

Michael,

 it seems to me like a better solution might be to make another machine
(with MD / SA and whatever) your primary MX machine.  your users can
continue to use the current mail server for POP/IMAP/SMTP outgoing as
necessary, and that machine could (if necessary) relay all outgoing mail
thru to the new primary MX machine, if you want to scan outgoing messages,
although that is optional really.

so, then, the only changes really necessary would be the MX pointer(s) of
your DNS record.

I have a similar type of setup at my office. on our internal network we have
an Exchange server (which i really hate, but i have no choice) which all of
our users use to connect to directly with outlook for sending receiving
mail.  all mail going out gets relayed thru our primary MX mail server on
our DMZ.  all incoming mail comes in thru the primary MX mail server on the
DMZ.  we don't have nearly as many people (or email accounts) as you do, but
there are times when we receive a decent load of email at the one time.

if the MX server tempfails, the exchange server just queues the outgoing
mail and the enduser knows no better of it.  any incoming mail gets queued
on the outside until the connection can be made, and again the end user
knows no better of it.  it's been working really well since i implemented
it.

hope this is useful info

alan




More information about the MIMEDefang mailing list