On Mon, 2005-11-28 at 20:17 -0700, Richard Wilson wrote: > All, > > I have recently run into a 2nd example of an issue that *may* impact > some of you, so I thought I'd pass it along. I also am trying to look > out for other "offending" applications and thought this group might know > of some. > > Background: I help manage a large number of sendmail servers (running > on Linux) for a large corporation. Our servers are the "gateway" > systems that funnel email from all internal sources to the Internet and > vice-versa. Message volumes are substantial. > > Occasionally one or more of our mail relay servers will reach a limit > and start refusing further incoming connections, thanks to spammers this > is all too common. Since we have a large number of relays, the overall > effect wouldn't be a big deal except for the following: > > Our relays accept outbound mail from most of our Web Servers and they > refer to our relays using a single DNS alias (the alias is the "smart > host" for the web servers) -- ideally if their server gets a "busy" > signal from one of our relays, they will try the next one (DNS Round > Robin, a decent load balancing trick). We discovered the hard way that > a recent Java Mail applet that's become very popular with Web developers > doesn't use the built in mail applications that *should* be running on > the web servers but tries to manage the SMTP "conversation" directly. > While this is good from the perspective of Web Server system load, the > applet doesn't handle timeouts from the mail relays gracefully -- it > instead throws the mail away. The applet has no retry mechanism, no > queuing and furthermore latches on to the first IP address it gets when > it starts and resolves the DNS alias. Thus the DNS round robin does not > come into play at all. > > Our answer has been to configure the Java Mail Applet to send to a local > sendmail instance (configured to only accept mail from the local system) > which will then send it on to our relays with retries, queuing, and > correct DNS behavior. The Java Mail Applet gets an immediate response > and is happy, the mail does get delivered reliably. > > We recently found the same thing with Veritas' VCS Notifier and had to > use the same solution. > > I thought some of you might find this information useful. We could > double the number of relays we have and we would still see this problem > thanks to the spammers. > > Does anyone on this distribution know of any other applications that try > to handle their own mail in a similar fashion? > > I know some of you may object to sendmail on religious or other grounds, > but we've put in a lot of our own extensions to it and it handles very > well what we need it to do -- we're not looking for a replacement. > > Thanks in advance. ---- handoff to local MTA seems to be the most logical choice for your usage and thus the best solution. Craig --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss