Backup Mail Server Questions
wmoran at potentialtech.com
Sun Sep 26 11:32:14 PDT 2004
Eric Crist <ecrist at secure-computing.net> wrote:
> Hello list,
> I was wondering if anyone has any insight as to having a remote backup
> mail server and the setup of such. I'm currently using sendmail, and I
> don't want to change that, so please don't recommend any of the other
> servers out there. ;)
> One of my friends needs backup DNS/Mail in the even their connection
> goes down. How do I go about setting it up so that his user base
> (about 80 users) will not see any problems in mail transmission and
> reception if their primary servers go offline. I would like mine to
> automatically pickup the slack.
I'm going to go out on a limb and input my extremely biased opinion.
First off, what does setting up backup DNS/mail gain the end user? Unless
you have mirrors on radically different networks, of things like WWW and
mail, backup DNS doesn't really accomplish anything. If the net
connection goes down, you're offline anyway, so who cares if DNS still
Backup SMTP is even more difficult to justify. The SMTP standard has
transient failure recovery built into it, so if your net connection is
down for an hour or so, mail delivery will resume when the connection
comes back up. If you set up a backup MX on a different network and
your primary MX goes down, end users can't get to their mail anyway,
since their POP/IMAP boxes are not configured on the backup server.
Backup SMTP is a complicated and expensive thing to get working
correctly. You can't set up secondary POP/IMAP boxes on the backup,
because then you'd have to have everyone check both. This creates
two single points of failure (which is worse than a single single
point of failure)
You could have mail delivered to both the backup and the primary,
but then how does the backup know when the user deletes mail from
the primary, or vice-versa? Simple fact of the matter is that
the only way for 100% reliable mail delivery is to have a single
point where the mail gets delivered to. You'd probably be better
off setting up a redundant Internet connection, if mail is that
important to this customer, and they get the additional benefit
that that creates as a bonus.
Additionally, for mail to work smoothly, the backup MX needs to
have an updated user list from the primary at all times. It also
needs to have the same spam/virus filtering setup as the primary MX
or spammers _WILL_ use your backup MX to bypass spam controls. If
you don't do these correctly, you will have problems with junk mail,
as well as generate collateral spam and piss off other mail admins.
(I've seen a badly configured backup SMTP system bring a small
ISP to its knees)
Now that I've been all doom and gloom ...
1) Ensure that the benefit of backup SMTP/DNS for this customer is
2) Make sure the backup MX has all the same filtering as the primary.
Otherwise, spammers WILL QUICKLY learn to relay their spam through
the backup. In fact, many spammers try the MXs in reverse order
on the assumption that only the primary has properly maintained
junk mail controls.
3) Make sure you have a system to replicate the user list from the
primary to the backup, so the backup doesn't accept undeliverable
mail. I've done this as simply as a cron job with rsync, but
fancy stuff like SQL databases and LDAP are possible as well.
More information about the freebsd-questions