-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear members,
I manage MTAs for a web-hosting company and recently I encountered a
problem I could use some help with.
We do e-mail forwarding for our customers, which lets them forward the
mail they receive for their registered domains to other addresses,
which can be hosted by third parties. This is done by virtual
mappings. Now, the following problem has risen:
One ISP (Chello, UPC) was blocking our delivery attempt by error code
421. This is something we are quote used to, as we deal with large
volumes of mail destined for major e-mail providers. However, after
contacting the staff at Chello, I learned that they are giving us this
reply, because they don't want to accept more that 1 concurrent
connection to their MTAs. I thought this was really lame and somewhat
masochistic, as he went on about his load-balancing MTA cluster and
how we should be responsible for using only a single connection for
delivery. I'm not planning on changing our carefully built up setup,
tried and tested over many years, just for this one ISP.
Anyhow, on to the real questions.
I have been trying to find and test ways to use only one connection
for remote delivery. I have tried things like
initial_destination_concurrency = 1, but also more stringent settings,
like default_destination_concurrency = 1 and the like... These are
settings I don't want to stick to, but I want to see if some of these
settings make Postfix use one connection only to reach the previously
mentioned tossers (sorry, they are pissing me off).
For now, I don't see any positive results in my logs, but I'm also not
sure whether Postfix is really using only one connection. Netstat can
show me connections, but it's a snapshot and I'm wondering if this can
be checked out more accurately.
Do you guyz have any smart ideas on how to treat mail for this domain
a little different from other mail, so I don't have to change our mail-
setup globally?
What's also baking my noodle, is whether the remote party might have
an issue with connections hanging around.. For all I know, I'm making
only one connection, but they are screwing something up on their side
by not closing them down. The problems started few days ago and,
although they have not confirmed this, I must conclude that they only
recently made this cripled MTA cluster.
Thanks much for any insights and for enduring this long post ;)
Regards,
Samy Ascha
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
iEYEARECAAYFAkkJlywACgkQKIdvzp2UK/EYwQCeMrkmdo5pBSJd6xzsuJqMKwQc
KMsAmwSCWPjdCbhua81fZmhY8Mj5IYLs
=GoOd
-----END PGP SIGNATURE-----
