Mail Issue and Question

[Richard Wilson]

All,

I have recently run into a 2nd example of an issue that *may* impact
some of you, so I thought I'd pass it along.  I also am trying to look
out for other "offending" applications and thought this group might know
of some.

Background:  I help manage a large number of sendmail servers (running
on Linux) for a large corporation.  Our servers are the "gateway"
systems that funnel email from all internal sources to the Internet and
vice-versa.  Message volumes are substantial.

Occasionally one or more of our mail relay servers will reach a limit
and start refusing further incoming connections, thanks to spammers this
is all too common.  Since we have a large number of relays, the overall
effect wouldn't be a big deal except for the following:

Our relays accept outbound mail from most of our Web Servers and they
refer to our relays using a single DNS alias (the alias is the "smart
host" for the web servers) -- ideally if their server gets a "busy"
signal from one of our relays, they will try the next one (DNS Round
Robin, a decent load balancing trick).  We discovered the hard way that
a recent Java Mail applet that's become very popular with Web developers
doesn't use the built in mail applications that *should* be running on
the web servers but tries to manage the SMTP "conversation" directly.
While this is good from the perspective of Web Server system load, the
applet doesn't handle timeouts from the mail relays gracefully -- it
instead throws the mail away.  The applet has no retry mechanism, no
queuing and furthermore latches on to the first IP address it gets when
it starts and resolves the DNS alias.  Thus the DNS round robin does not
come into play at all.

Our answer has been to configure the Java Mail Applet to send to a local
sendmail instance (configured to only accept mail from the local system)
which will then send it on to our relays with retries, queuing, and
correct DNS behavior.  The Java Mail Applet gets an immediate response
and is happy, the mail does get delivered reliably.

We recently found the same thing with Veritas' VCS Notifier and had to
use the same solution.

I thought some of you might find this information useful.  We could
double the number of relays we have and we would still see this problem
thanks to the spammers.

Does anyone on this distribution know of any other applications that try
to handle their own mail in a similar fashion?

I know some of you may object to sendmail on religious or other grounds,
but we've put in a lot of our own extensions to it and it handles very
well what we need it to do -- we're not looking for a replacement.

Thanks in advance.
-- 
Richard Wilson
r dot wilson (nine) at cox dot net