Hi, I'm having difficulty getting my head around this. An email was sent to one of our servers that is not hosting the domain the email was sent to - but the server appeared to lookup the mx and send the mail on.

log entry

2008-01-21 12:12:47 1JGvWB-0004nq-8a <= sender@senderdomain.com H=(host.senderdomain.com) [ip.ip.ip.ip] P=esmtp S=6039 id=20080121-06364655-e30@C21944-65787 T="email subject"

2008-01-21 12:12:47 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1JGvWB-0004nq-8a

2008-01-21 12:12:47 1JGvWB-0004nq-8a => target@targetdomain.com R=lookuphost T=remote_smtp H=host.targetdomain.com [ip.ip.ip.ip]
2008-01-21 12:12:47 1JGvWB-0004nq-8a Completed


The complicated part......

The sending server in this case "host.senderdomain.com" is our anti spam box.

Heres how it is working....

1. The sending host sends to target domain - mx is set to our anti spam box so it goes there first to be checked for spam.
2. The anti spam box has a list of ip's for the domains hosted. The first time it sends to any domain, it tries to send the message to each server until it gets the right one.
3. When it has successfully delivered the message, it adds the domain and correct IP to its database so it knows where to send email for that domain in the future.

Whats happened here is that the first server contacted would seem to have accepted the message and sent it on to the host specified in the MX for that domain (which incidentally is the anti spam server itself).

Is this the correct behaviour ?