Mail Issue and Question
Craig White
craigwhite at azapple.com
Tue Nov 29 15:04:37 MST 2005
On Mon, 2005-11-28 at 20:17 -0700, Richard Wilson wrote:
> All,
>
> I have recently run into a 2nd example of an issue that *may* impact
> some of you, so I thought I'd pass it along. I also am trying to look
> out for other "offending" applications and thought this group might know
> of some.
>
> Background: I help manage a large number of sendmail servers (running
> on Linux) for a large corporation. Our servers are the "gateway"
> systems that funnel email from all internal sources to the Internet and
> vice-versa. Message volumes are substantial.
>
> Occasionally one or more of our mail relay servers will reach a limit
> and start refusing further incoming connections, thanks to spammers this
> is all too common. Since we have a large number of relays, the overall
> effect wouldn't be a big deal except for the following:
>
> Our relays accept outbound mail from most of our Web Servers and they
> refer to our relays using a single DNS alias (the alias is the "smart
> host" for the web servers) -- ideally if their server gets a "busy"
> signal from one of our relays, they will try the next one (DNS Round
> Robin, a decent load balancing trick). We discovered the hard way that
> a recent Java Mail applet that's become very popular with Web developers
> doesn't use the built in mail applications that *should* be running on
> the web servers but tries to manage the SMTP "conversation" directly.
> While this is good from the perspective of Web Server system load, the
> applet doesn't handle timeouts from the mail relays gracefully -- it
> instead throws the mail away. The applet has no retry mechanism, no
> queuing and furthermore latches on to the first IP address it gets when
> it starts and resolves the DNS alias. Thus the DNS round robin does not
> come into play at all.
>
> Our answer has been to configure the Java Mail Applet to send to a local
> sendmail instance (configured to only accept mail from the local system)
> which will then send it on to our relays with retries, queuing, and
> correct DNS behavior. The Java Mail Applet gets an immediate response
> and is happy, the mail does get delivered reliably.
>
> We recently found the same thing with Veritas' VCS Notifier and had to
> use the same solution.
>
> I thought some of you might find this information useful. We could
> double the number of relays we have and we would still see this problem
> thanks to the spammers.
>
> Does anyone on this distribution know of any other applications that try
> to handle their own mail in a similar fashion?
>
> I know some of you may object to sendmail on religious or other grounds,
> but we've put in a lot of our own extensions to it and it handles very
> well what we need it to do -- we're not looking for a replacement.
>
> Thanks in advance.
----
handoff to local MTA seems to be the most logical choice for your usage
and thus the best solution.
Craig
More information about the PLUG-discuss
mailing list