local mailserver behind firewall / failure notices

hi! i've set up a suse linux 8.0 web server for our local intranet. the server is behind a router with nat firewall. when i send mails with php.mail the local mail server delivers them to any destination. today the mailserver of one of our customers broke down for several hours. my question is: what happens now? will the local mailserver retry delivering until it works or will it send a failure notice to the reply address specified in the mail body? it seems that all mails arrived at the customer. but to make sure that everything is working fine i tried to send a mail to a non-existent mail address; i got no failure notice until now.

i'm wondering:

- if the other mail server sends the failure notice to the specified mail reply address

- or if it tries to connect to my local server (which is protected by the firewall)

best regards

1) If the MX record for the destination mail domain has other hosts that will handle the mail, it will try them in order of preference.

host -t MX mvhi.com
mvhi.com                MX      20 relay2.mail.gxn.net
mvhi.com                MX      10 gate.mvhi.com
mvhi.com                MX      20 relay1.mail.gxn.net

Mail to mvhi.com will go to gate.mvhi.com first, but if that host is down, it will go to relay1 or relay2 instead.

2) If no entries listed in the MX records are accepting mail, the mail will be queued.

3) If the mail is still not accepted after some time, warning messages are sent to the originator of the mail.

4) If the mail is still not accepted after a long time (typ. a few days), the message is bounced back to the originator.

By "originator", I mean the mailbox listed in the message *envelope*, which may not be the same as any of the addresses in the message; however, it is often the same as the mailbox in the From or Sender line.

To understand the distinction between message envelope and message body, read RFC821. Pay particular attention to the examples and "MAIL FROM".
Gabriel Orozco, Solution Architect

this is a normal behavior of the e-mail (smtp protocol)
it will try again in a minute, then in an hour, then in a day, and then it should give up.

your mails should still be in the outbox, whichever that folder is for your mail server.

When you send a mail to another site, you MUST ensure that the mail can be replied to, ie. you have a valid mailbox listed for the envelope sender.

If you don't, then you may miss out on bounces generated by the remote MTA. In fact, if the envelope sender is obviously invalid (eg. because the mail domain does not exist), it may not accept the message in the first place.

Bounces always go to the mailbox listed in the envelope sender - the fact that the message originated from a machine behind a firewall has no effect on this. However, since you do send from behind a firewall, make sure that the host listed in the HELO line is valid (ie. not an internal name).
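
The envelope/header distinction and the HELO advice from the two answers above, as an added example (not code from the thread). The session text, every host name and address in it, and the list of "internal" suffixes are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the client side of one SMTP session (RFC 821 commands).
SESSION = """\
HELO intranet
MAIL FROM:<wwwrun@intranet.local>
RCPT TO:<nobody@customer.example>
DATA
From: Sales <sales@company.example>
Reply-To: orders@company.example
To: nobody@customer.example
Subject: Your order

Thanks for your order.
.
QUIT
"""

# Assumption: suffixes treated as internal-only names in this example.
INTERNAL = (".local", ".lan", ".localdomain")

def looks_internal(name):
    """True for single-label names and names under an internal suffix."""
    return "." not in name or name.lower().endswith(INTERNAL)

def analyse(session):
    """Split a transcript into envelope and message, then report where a
    bounce would go and what a remote MTA is likely to object to."""
    envelope, data = session.split("\nDATA\n", 1)
    helo = re.search(r"^(?:HELO|EHLO)\s+(\S+)", envelope, re.M | re.I).group(1)
    sender = re.search(r"^MAIL FROM:\s*<([^>]*)>", envelope, re.M | re.I).group(1)
    msg = message_from_string(data.split("\n.\n", 1)[0])
    problems = []
    if looks_internal(helo):
        problems.append("HELO name %r is an internal name" % helo)
    if sender and looks_internal(sender.rpartition("@")[2]):
        problems.append("envelope sender %r cannot receive bounces" % sender)
    return {
        "bounce_to": sender or None,  # MAIL FROM:<> means: send no bounce
        "header_from": parseaddr(msg["From"])[1],
        "reply_to": parseaddr(msg.get("Reply-To", ""))[1],
        "problems": problems,
    }

if __name__ == "__main__":
    for key, value in analyse(SESSION).items():
        print(key, "=", value)
```

In the sample the From and Reply-To headers are valid, yet the bounce is addressed to the envelope sender, a local account on the web server, which is why the failure notice never leaves the sending machine.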
hi pjb1008 and redimido!
i think i understand what is happening here. the error message was delivered from my local mailserver to my local user root. is it possible to capture such failure notices and to route them to a web mail account?

how do i generally route all e.g. localhost.root mails to an internet email address?

best regards
Gabriel Orozco, Solution Architect
if you have sendmail, you must create a file under the home directory of the user, called .forward
it should have the internet email inside, i.e.:

and that's all

with qmail, you should create a .qmail file, and it should have this format:

I don't know which email is yours, but I think it is sendmail.


hi redimido !
it's sendmail. i tried to send a message to a non-existent email address. on my server at home, the failure notice is delivered to localhost.root. at the company (with the firewall) nobody receives a message. i don't understand that! is the communication between sending and receiving server time delayed or interrupted? within one tcp/ip connection the firewall should cause no problems. so i assume that the receiving server receives the mail, ends the session, finds out that the user doesn't exist and then tries to establish a new connection to my firewall-saved server which does not work?

best regards
Gabriel Orozco, Solution Architect

Hi ItsMe

what happens is that you can change the way sendmail answers to non-existent accounts. it can route all mail to a special "postmaster" account, which is root, or can "bounce back", or both.

everything is there in the sendmail config file.
mmhh.. it should reply automatically.
did you already read the header of those emails sent to root? is there a reachable sender that can be replied to?

maybe this will help you with sendmail:
