Routing Email for Local Domains
In Configuring the Gateway to Receive Email you customized private and public listeners to service SMTP connections for an Enterprise Gateway configuration. Those listeners were customized to handle specific connections (via HAT modification) and receive mail for specific domains (via RAT modification of public listeners).
The appliance routes
mail to local domains to hosts specified via the
SMTP Routes page (or the
smtproutes command). This feature is similar to the
If you have completed the GUI’s System Setup Wizard (or the Command Line Interface
SMTP Routes Overview
SMTP Routes allow you
to redirect all email for a particular domain to a different mail exchange (MX)
host. For example, you could make a mapping from
groupware.example.com . This mapping causes any email
@example.com in the Envelope Recipient address to go
instead to groupware.example.com . The system performs an “MX” lookup on
groupware.example.com , and then performs an “A” lookup
on the host, just like a normal email delivery. This alternate MX host does not
need to be listed in DNS MX records and it does not even need to be a member of
the domain whose email is being redirected. The AsyncOS operating system allows
up to forty thousand (40,000) SMTP Route mappings to be configured for your
SMTP Routes Limits)
This feature also
allows host “globbing.” If you specify a partial domain, such as
.example.com , then any domain ending in
example.com matches the entry. For instance,
firstname.lastname@example.org both match the mapping.
If a host is not
found in the SMTP Routes table, an MX lookup is performed using DNS. The result
is not re-checked against the SMTP Routes table. If the DNS MX entry for
bar.domain , any email sent to
foo.domain is delivered to the host
bar.domain . If you create a mapping for
bar.domain to some other host, email addressed to
foo.domain is not affected.
In other words,
recursive entries are not followed. If there is an entry for
a.domain to redirect to
b.domain , and a subsequent entry to redirect email for
a.domain , a mail loop will
not be created.
In this case, email addressed to
a.domain will be delivered to the MX host specified by
b.domain , and conversely email addressed to
b.domain will be delivered to the MX host specified by
The SMTP Routes table
is read from the top down for every email delivery. The most specific entry
that matches a mapping wins. For example, if there are mappings for both
.example.com in the SMTP Routes table, the entry for
host1.example.com will be used because it is the more
specific entry — even if it appears after the less specific
.example.com entry. Otherwise, the system performs a
regular MX lookup on the domain of the Envelope Recipient.
Default SMTP Route
You can also define a
default SMTP route with the special keyword
ALL . If a domain does not match a previous mapping in
the SMTP Routes list, it defaults to being redirected to the MX host specified
When you print the
SMTP Routes entries, the default SMTP route is listed as
ALL: . You cannot delete the default SMTP route; you may
only clear any values entered for it.
Configure the default
SMTP route via the Network > SMTP Routes page or the
Defining an SMTP Route
Use the Network >
SMTP Routes page (or the
smtproutes command) to construct routes. When you create
a new route, you first specify the domain or partial domain for which you want
to create a permanent route. You then specify destination hosts. Destination
hosts can be entered as fully-qualified hostnames or as IP addresses. IP
addresses can be either Internet Protocol version 4 (IPv4) or version 6 (IPv6).
For IPv6 addresses, AsyncOS supports the following formats:
You can also specify
a a special destination host of
/dev/null to drop the messages that match the entry.
(So, in effect, specifying
/dev/null for the default route is will ensure that no
mail received by the appliance is ever delivered.)
A receiving domain can have multiple destination hosts, each assigned a priority number, much like an MX record. The destination host with the lowest number identifies as the primary destination host for the receiving domain. Other destination hosts listed will be used as backup.
Destinations with identical priority will be used in a “round-robin” fashion. The round-robin process is based on SMTP connections, and is not necessarily message-based. Also, if one or more of the destination hosts are not responding, messages will be delivered to one of the reachable hosts. If all the configured destination hosts are not responding, mail is queued for the receiving domain and delivery to the destination hosts is attempted later. (It does not fail over to using MX records).
routes using the
smtproutes command in the CLI, you can prioritize each
destination host by using
/pri= , followed by an integer
65535 to assign priority (
0 is the highest priority) after the hostname or IP
address. For example,
has a higher priority than
host2.example.com/pri=10. Separate multiple entries with
SMTP Routes Limits
You can define up to 40,000 routes. The final default route of ALL is counted as a route against this limit. Therefore, you can define up to 39,999 custom routes and one route that uses the special keyword ALL .
SMTP Routes and DNS
Use the special keyword USEDNS to tell the appliance to do MX lookups to determine next hops for specific domains. This is useful when you need to route mail for subdomains to a specific host. For example, if mail to example.com is to be sent to the company’s Exchange server, you might have something similar to the following SMTP route:
However, for mail to various subdomains (foo.example.com), add an SMTP route that looks like this:
SMTP Routes and Alerts
Alerts sent from the appliance to addresses specified in the System Administration > Alerts page (or the alertconfig command) follow SMTP Routes defined for those destinations.
SMTP Routes, Mail Delivery, and Message Splintering
Incoming: if one message has 10 recipients and they are all on the same Exchange server, AsyncOS will open one TCP connection and present exactly one message to the mail store, not 10 separate messages.
Outgoing: works similarly, but if one message is going to 10 recipients in 10 different domains, AsyncOS will open 10 connections to 10 MTAs and deliver them one email each.
Splintering: if one incoming message has 10 recipients and they are each in separate Incoming Policy groups (10 groups), the message will splinter even if all 10 recipients are on the same Exchange server. Thus, 10 separate emails will be delivered over a single TCP connection.
SMTP Routes and Outbound SMTP Authentication
If an Outbound SMTP Authentication profile has been created, you can apply it to an SMTP Route. This allows authentication for outgoing mail in cases where the appliance sits behind a mail relay server that is at the edge of the network. For more information about Outbound SMTP Authentication, see Outgoing SMTP Authentication.
Managing SMTP Routes to Send Outbound Email Using the GUI
Use the Network > SMTP Routes page to manage SMTP Routes on your appliance. You can add, modify, and delete mappings in the table. You can export or import the SMTP Routes entries.
Adding SMTP Routes
Click Add Route on the Network > SMTP Routes page.
Enter a receiving domain. This can be a hostname, domain, IPv4 address, or IPv6 address.
Enter a destination host. This can be a hostname, IPv4 address, or IPv6 address. You can add multiple destination hosts by clicking Add Row and entering the next destination host in the new row.
If you add multiple destination hosts, enter an integer between 0 and 65535 to assign priority to the hosts. 0 is the highest priority. See Defining an SMTP Routefor more information.
Submit and commit your changes.
Exporting SMTP Routes
Similar to the Host Access Table (HAT) and the Recipient Access Table (RAT), you can also modify SMTP routes mappings by exporting and importing a file. To export the SMTP Routes:
Click Export SMTP Routes on the SMTP Routes page.
Enter a name for the file and click Submit.
Importing SMTP Routes
Similar to the Host Access Table (HAT) and the Recipient Access Table (RAT), you can also modify SMTP routes mappings by exporting and importing a file. To import SMTP Routes:
Click Import SMTP Routes on the SMTP Routes page.
Select the file that contains the exported SMTP Routes.
Click Submit. You are warned that importing will replace all existing SMTP Routes. All of the SMTP Routes in the text file are imported.
You can place “comments” in the file. Lines that begin with a ‘#’ character are considered comments and are ignored by AsyncOS. For example:
What to do next
At this point, our Email Gateway configuration looks like this: