On 3/9/2011 4:29 AM, Christian Roessner wrote:
Hi,
I recently read about the trick by Wietse, defining a second DNS record
to skip the 450 delay that follows some postscreen tests. I modified my
DNS and it looks like this now:
host -t mx roessner-network-solutions.com
roessner-network-solutions.com mail is handled by 10
mx0.roessner-net.de.
roessner-network-solutions.com mail is handled by 20
mx0-1.roessner-net.de.
and that works.
Could I also simply set a second A-RR for mx0.roessner-net.de. ? Do MTA
implementations always use any A record, if one throws a 450? I looked
inside smtp_addr.c to find answers (how Postfix might handle this) and
saw the usage of getaddrinfo() and pointered lists and stuff; not sure
if I really understood, but would Postfix use a next client IP, if one
temp fails?
Postfix resolves all equal-weight MX records and groups
${smtp_mx_address_limit} resulting A records, and will then
make ${smtp_mx_session_limit} attempts before deferring the
mail or delivering to a fallback relay. This prevents hosts
with hundreds of non-working MX records from hogging resources.
http://www.postfix.org/postconf.5.html#smtp_mx_address_limit
Some MTAs presume that all A records belonging to a single MX
are the same host, so if one A fails, they skip other A
records belonging to the same MX assuming they will fail also.
So it's best to create two equal-weight MX records if you want
to treat them as two separate hosts.
Has the second-MX solution any advantages? Should I stay on the current
setup?
Your current setup looks fine.
-- Noel Jones
