Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Messages stuck in Q on secondary MX (How do I kick them?)

Messages: 9
Karma: 0
Send a private message to this user
Hi, so one of our old mailservers due for retirement decided to throw two of its raid5 disks and retire itself early. Not too worried, a plan was in place...

1. Update zonefile MX (we only run a single MX record) to point mail towards a second KMS server already configured to act as an offline ETRN triggered forwarder for the domain. (This second server also serves another domains users but don't think that's an issue). New mail starts arriving there within seconds and the message queue starts to fill up. <M.Burns> Eeeexxxxcellent.

2. Build sparkly new mailserver on all new shiny hardware that happened to have just been delivered and configured (what luck).

3. Restore the most recent full and differential backups. All looks good.

4. Expose the happy new server to the interweb. Users start to use it, everyone is happy.

5. Update zonefile MX to point mail to the newly restored server. Within seconds mail starts arriving. Everyone is even happier Smile All that is missing is the mail that accumulated on the temporary secondary in the few hours it took to create the new mailserver.

And that's where it all gets a bit sticky Sad

I tell the new server to ETRN pickup the mail that accumulated on the temporary secondary. Nothing. The mail just sits there.

I try telling the secondary to schedule delivery, but no delivery is every sent.

I try telling the secondary to immediately send, and it does nothing.

So I've spent hours playing with the config, restarting KMS's, trawling the docs and forums and have come up with nothing Sad Please help? How do I get the mail on the secondary to the primary? Have I totally misinterpreted how ETRN works? Or am I missing a piece of config somewhere? Can the whole process be shortcutted by moving the files at the OS level and the new server picks them up pickup folder style?

The only thing I managed to make happen was the secondary logged an authentication error when I purposely set the ETRN auth password wrongly on the new primary. So it looks like it was at least contacting the secondary to get the mail. But the documentation is pretty sketchy - the secondary has no users in that domain so I used the secondarys KMS admin user/pass?
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Make sure the secondary server is still configured to ETRN (offline) delivery. Then the primary server should be able to trigger the delivery.
If you switch the secondary server to online mode, messages queued in ETRN mode will remain in the queue.

Messages: 9
Karma: 0
Send a private message to this user
Thanks but I think I already tried that. I setup this config...

Pri server/ETRN Download/Servers added the secondary server and domains, selected authentication and entered the secondary server admin user/pass.

Sec server/domain/forwarding checked to forward to pri server, offline delivery etrn trigger selected, checked forward if domain alias.

If I set a bad username/password on the primary servers ETRN authentication setting then the secondary server shows these auth failures in the error log. With the correct username/pass no error is logged, but no ETRN happens.

Does this rely on MX records at all? Or is there something about the domain list the ETRN tries to retreive mail for? Am I using the right username/password?

[Updated on: Fri, 09 October 2009 15:42]


Messages: 9
Karma: 0
Send a private message to this user
I am having the exact same problem with my servers. I have one used as a primary for one domain and as backup for several others. When the others go down the messages just pile up in the backup and never get sent. I have ETRN configured as in the documentation but it just doesn't seem to work, even when manually triggered.

Messages: 175
Karma: 1
Send a private message to this user

I had the same issues, I had some emails get delivered via ETRN but the rest not - turned out to be that the receiving server was interpreting the delivery as a directory harvest attack. I added the respective servers to their exclusion lists and all was resolved.

Previous Topic: Admin canĀ“t see archive
Next Topic: Distribution list
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Oct 21 08:52:53 CEST 2017

Total time taken to generate the page: 0.00378 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.