Trend Micro Dual WAN Issue

Unanswered Question
Oct 16th, 2009

Question from a partner:

Has Trend fixed the hosted issue with two WAN connections?  It used to be that even though your device had dual WANs, Trend would only forward the emails to one of the connections.  If it went down, you had to submit an email request to move it to the other connection and it could be 12-24 hours before it went into effect and 99 times out of 100, the original WAN port would be back online.  It does slightly defeat the purpose of having Dual WANs if you cannot receive email in this day and age.

Any help out there?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Glenn Quesenberry Tue, 10/20/2009 - 07:50

Hey Art!  I hadn't heard of this issue before but it sort of makes sense from a security perspective.  Of course as you state it also defeats the purpose of having a primary and backup WAN link if you can't fail-over and still have the email protection.  I'll have to escalate this up to the product team to review and comment on.  I or they will get back on  here and let you know.  BTW, are you investigating this for a Partner or Customer?

aschertz Fri, 10/23/2009 - 11:24

Glen - This inquiry is for a partner:

Message was edited by: Cindy Toy (Hi Art, I removed the partners contact info since I am not sure the partner wanted his info in a public forum)

Steven DiStefano Thu, 10/29/2009 - 07:49

I got with Trend on this because I thought it was something very interesting....

here is what they said...

I think  you’re talking about the same setup as a customer having 2 mail servers, right?  If so we have had a solution for this for a while.

They  want us to send email to, but if that is down, send it to

They  would use the MX record method.

A  customer would need to create a hostname that points to two MX  records.

Give the  primary site IN MX 10 and the backup IN MX 20.

Then we  change the IMHS configuration to use the hostname they  created.

>cat  imhs.multiple.customer.mailservers


Our  postfix servers will only allow us to configure 1 IP address or 1 hostname in  our transport file to deliver email back to the customer.  If the customer has 2  or more mail servers they want us to use, they will need to create a new  hostname DNS entry and point it to their multiple servers.

If they  want our servers to try to deliver the email to their mail servers in a specific  order, say mailserver1 and if that server is not available then try to deliver  the email to the mailserver2, then they would need to setup the following DNS  entries as an example:    IN  A    IN  A   IN MX 10   IN MX 20

Then we  setup our server to deliver to

If a  specific order is not important then they can just make  point to multiple IP addresses:   IN A   IN A

This  will make our server send an email to and the next email to,  then to, etc.

Then we  setup our server to deliver to     smtp:[]:25

Our  servers will only deliver the email to the first server that will accept the  email.  They will not deliver the same email to both mail  servers.

I hope  that is detail enough,



Although we don't use Trend, we use this method quite often and use DNS MX records for mail routing.  Just make sure that your email host responds with a consistent name.  It's fine if you have mailserver1 and mailserver2 in the MX records, but keep your mail sever as just mailserver.  Setup A records for the IPs on both ISP, contact each ISP to setup PTR records for their respective A records, and add the mailserver host as an authorized host in the SPF record.  It's easy to get mail via MX round robin, but sending is a bear if it's not setup correctly however it's getting easier if you relay outbound mail thru your spam filtering service.


This Discussion