RE: relaying denied

Alexander Dalloz wrote:
>> I have checked the zone information for each of the domains on Y
>> and they have MX records listed correctly -- mail should first go
>> to Y, then to X.
>>             MX   10 Y.ns1.com
>>             MX   15 X.ns2.com
> If you have 2 different mail servers each for it's own set of
> domains, then these DNS entries are wrong! and must lead to errors.
> It would explain some errors you see in your maillog.

I too, interpreted the OP comments to mean that he has two MX records for
domain names that were moved from one MX server to the other. If that's the
case, then Alexanders reply is correct. Your DNS MX records need to be

If you actually have two MX records, but moved one or more domains mailbox's
to the lower priority server, then the original server must be configured to
allow relaying to the server where the new mailbox's physically exist. Like
what I mentioned in my original post. Also, as Alexander pointed out, mail
will still come into the original server because the DNS server TTL that the
sending host is using to lookup your MX records has not timed out. This is
normal behavior, but can be compensated for with a little planning on your
part. Example:

1) A day or so before moving the mailbox's, run down your DNS server TTL
records for your MX records.

2) Be sure that the original system that the mailbox's resided on is now
configured to relay inbound e-mail to the new server that is responsible for
mailbox storage.

3) Now change your DNS MX records.

Steve Cowles

