The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Secondary MX strange issues

Discussion in 'E-mail Discussions' started by ispro, Jan 7, 2009.

  1. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    18
    We have client who need our server to be secondary MX for his domain.

    As this client have hosting account on this server we:
    1) removed his domain (DOMAIN) from /etc/localdomains;
    2) added DOMAIN to /etc/remotedomains;
    3) added DOMAIN to /etc/secondarymx;

    In client's DNS zone we have:
    MX 0 ex.DOMAIN
    MX 10 mail.DOMAIN
    Where ex.DOMAIN is his Exchange server and mail.DOMAIN is our mailserver.

    This should work but it doesn't. When Exchange server is unreachable Exim trying to deliver emails back to itself which result in final error like this:

    2009-01-07 13:28:54 1LKWak-00017v-HU => tours@DOMAIN F=<> R=dk_lookuphost T=dk_remote_smtp S=10850 H=DOMAIN [75.XX.XX.XX] C="250 OK id=1LKWak-00017z-Kn"
    2009-01-07 13:28:54 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1LKWak-00017z-Kn
    2009-01-07 13:28:54 1LKWak-00017z-Kn ** tours@DOMAIN F=<>: Too many "Received" headers - suspected mail loop
    2009-01-07 13:28:54 1LKWak-00017z-Kn Frozen (delivery error message)

    As you may see it tried to deliver email to itself and after loop Exim stopped it with internal anti-loop directive.

    In front of Exim we have ASSP but it shouldn't matter as Exim aren't supposed to mail to itself.

    Seems like I'm missing something important but can't find what. Anyone?
     
  2. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    18
    Anyone, please?..
     
  3. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    18
    /etc/backupmxhosts

    I also found that there is new option for a while /etc/backupmxhosts - what this is for?

    I found no references to it, just declaration in the form:
    hostlist backupmx_hosts = lsearch;/etc/backupmxhosts

    Messages are still looping and freezing. E.g. the message received by server will never reach primary MX not matter it is up already... ;(
     
  4. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    18
    Haven't anyone tried to use their Exchange server with cPanel's Exim?! :confused:
     
  5. ispro

    ispro Well-Known Member

    Joined:
    Apr 8, 2004
    Messages:
    628
    Likes Received:
    1
    Trophy Points:
    18
    Well, after investigation we found the reason.
    We have previously set Exim listen on 127.0.0.1 interface to protect it via ASSP (using own ASSP X addon).

    Unfortunately, when Exim binded to specific interface it assume it as the only internal interface. E.g. every other local (!) IPs considered by Exim as external. I would say it is design mistake but as trying to resolve it with developers may take months (!) if not years, especially having in mind cPanel rarely update its own build of Exim and has no intention in support of so-called third-party Exim addon.

    Solution was to remove listen_interfaces option from exim.conf & exim.conf.local, but to keep daemon_smtp_ports to alternate (125) port. As we have firewall installed no-one from outside may connect to it while our ASSP may still communicate via 127.0.0.1:125 to Exim.

    This completely resolved Secondary MX issue for us.

    P.S. Proper setup for Secondary MX includes:
    1) Removal of domain from /etc/localdomains (in the case you have that domain on your server, otherwise it won't be there);
    2) Adding domain to /etc/remotedomains (in the case you have that domain on your server, otherwise you needn't to add it, but adding domain here may be fool-proof step) & /etc/secondarymx (a must for relaying to primary MX!);
    3) Making sure that ALL DNS zones (including local if any!) have proper MX order, where your server listed as next high priority after primary MX server.
     
Loading...

Share This Page