This article applies to:
Question:
- Email messages sent between SPE customers are rejected
- "Allow mail to loop back locally" is disabled for the recipient customer
- SMTP response: 421 SMTP service is temporarily unavailable
Information:
MailMarshal SPE 3.1.6 and above uses a new method to route messages from one customer to another in the same installation (same MailMarshal SMTP array).
In earlier versions, the message would be handled once within the same processing server. In versions 3.1.6 and above, the message is processed for the customer outbound and then delivered to the recipient customer over SMTP using the MX record for the recipient domain. This method ensures correct application of rules and also has the effect of ensuring each customer sees the message processing normally outbound and inbound within the logs and message history.
However, in some cases MailMarshal SMTP can reject the "inbound" message, depending on the the receiver policies used and the number of messages delivered between the customers.
In the example below, DoS (Denial of Service) prevention has been enabled.
Sender log
Attempting delivery of B4f143a760000.000000000001.0002.mml via route yourdomain.com (MX) - *, SPE Cust ID: 1, Dir: out
Delivering via MX(yourdomain.com) A(smtp.yourdomain.com) IP(x.x.x.x):25
RX: <421 SMTP service is temporarily unavailable>
Receiver log
Accepted x.x.x.x:38741 on interface x.x.x.x:25 (1 of 50 active), Total active 1. Assigning thread x
<x.x.x.x> [DOS] exceeded DOS threshold. Current connection attempts: 150. Blocking.
TX: <421 SMTP service is temporarily unavailable>
Thread exiting for x.x.x.x after 0 millisecs
Resolution
The recommended solution is to allow local loopback for all customers.
If this solution is not desired for other reasons, you can add the IP address to the exclusions for DoS Prevention
- Open the MailMarshal SPE Web Admin console
- Select the Array that the affected customer is assigned to
- Click Edit and select the DoS tab
- Click New
- Add the external IP address or addresses for each MailMarshal SMTP processing node
Note
It is also important to ensure that the MX records used by the MailMarshal SMTP nodes are correctly configured to allow delivery of messages between customers.
- If the internal environment uses public MX records, check that the firewall will route messages between internal systems using the public IP addresses.
