SMTP Code: "451 4.4.1 [internal] connection was not attempted: domain is marked down (too many connection failures)"

book

Article ID: 157525

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

  • Messages cannot be delivered to a specific domain.
  • Message Audit Logs indicate that the "domain is marked down".
Transient Delivery Attempts Failure Time Details Recipient
Attempted Delivery to: default-non-local-route Thursday, Jan 03, 2013 03:48:55 PM CET 451 4.4.1 [internal] connection was not attempted: domain is marked down (too many connection failures) [email protected]

Cause

When too many connection attempts to the downstream mail server for a domain fails; that domain is marked as "down" by the Messaging Gateway for a short period of time (usually five minutes).

This is to conserve resources when, after repeated connection failures, the destination server is unlikely to be reachable.

During the period of time where a domain is marked down, SMG queues messages for that domain rather than immediately attempting delivery.
Once the domain is no longer marked as down, delivery of new messages will be attempted immediately and delivery of queued messages will be attempted at the next queue cycle (usually within fifteen minutes).

Resolution

This is usually the result of the destination mail server being unreachable for reasons such as:

  • being offline
  • misconfiguration of the destination domain's DNS MX records
  • the Messaging Gateway being rate limited or blacklisted by the destination server

In case of SMG not using DNS MX records for mail routing but rather a static route in Protocols->Domains, check that the remote server is reachable via telnet from the command line as shown below and confirm that firewall rules are not preventing mail delivery to the destination IP:

smg> telnet mail.domain.com 25
Trying 8.9.10.11...
Connected to 8.9.10.11.
Escape character is '^]'.
220 mail.domain.com ESMTP Mail
quit
221 2.0.0 Bye
Connection closed by foreign host.

Flushing the delivery queue will not cause messages for a "down" domain to be re-attempted until the timeout has expired and the destination server is reachable.