Saturday, January 23, 2010

Postfix Backup MX

SkyHi @ Saturday, January 23, 2010

Postfix can be configured to act as a backup mail server. A backup MX server accepts mail if the primary mail server goes down and will forward all mails in its queue if the primary mail server goes back online.

Backup MX

This article describes how to configure Postfix to act as a backup MX server.

Configuring Postfix

Edit main.cf
1. Edit the file /etc/postfix/main.cf and update the lines below.
mynetworks = 127.0.0.0/8
relay_domains = $mydestination acme.local
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination
transport_maps = hash:/etc/postfix/transport

Replace acme.local with your own domain name.

Edit transport
2. Edit the file /etc/postfix/transport and add the line below.
acme.local :[192.168.3.1]

Replace acme.local with your own domain name and 192.168.3.1 with the hostname or IP address of your primary mail server.

postmap transport
3. Type the line command below to create a transport database file.
postmap /etc/postfix/transport
Service Configuration
4. Restart the Postfix or MailScanner service if you have installed it. Learn how to start and stop services here.
Terminal
5. You should now be able to send mails to your backup mail server and those mails will be automatically forwarded to your primary mail server. See Test Postfix using Telnet.

Backup MX Notes

It is easy to setup a backup mail server but you also need to consider the items below.

  • Add DNS MX Record. In order for your backup mail server to be identified over the internet, you need to add a lower priority DNS MX record. A higher number means lower priority.

    DomainTTLPriorityMail Server Name
    acme.local8640010mail.acme.local
    acme.local8640020mail2.acme.local
  • Add Antivirus and Antispam Filtering. Make sure to have the same or better virus and spam protection in your backup mail server as you have in your primary mail server. Otherwise, viruses and spams will be entering your inbox through the backdoor.

  • Verify Recipient. If possible, you also need to apply the same recipient verification method you used in your primary mail server. This will allow your backup mail server to reject all invalid recipient address instead of having the primary mail server bounce the forwarded emails with invalid recipients. Use the relay_recipient_maps setting in /etc/postfix/main.cf to specify the valid recipients.

  • Relay Only. In your /etc/postfix/main.cf, make sure the relay domain is not found in mydestination, virtual_alias_domains and virtual_mailbox_domains. Otherwise, the backup mail server will not forward emails to the primary mail server and will instead store it into its own mailbox.

  • Use IP Address. By specifying the hostname or IP address in the transport file, the DNS MX lookup can be eliminated. Specifying the IP address will be even better since this will eliminate the need for any DNS lookup. It will also avoid relay loopback problems if you are using port forwarding in your backup mail server.

  • Flush Mail Queue. You can force Postfix to immediately send all the mail in its queue by typing in the command below. This useful after bringing the primary mail server back online to eliminate the waiting period for the backup mail server to resend mails in its queue.

    postfix flush

REFERENCE
http://www.linuxmail.info/postfix-backup-mx/