Hold and Forward Backup Server

Hold And Forward Backup Mail Server

Configuring a secondary MX server to provide hold and forward mail service in the event your primary mail server is offline. Virtualmin Professional is required on the primary server, and Virtualmin Professional or Virtualmin GPL is required on the secondary server.

Introduction

Mail service is, for many users, the most important internet service. While always-on reliability on virtual hosting systems is impossible (kernel upgrades for security updates, at the very least, require system reboots), the DNS and mail standards provide mechanisms to allow mail to flow successfully even if the primary mail server is temporarily off-line.

Configuration of a secondary mail server is relatively simple, but can be made completely automatic with Virtualmin Professional. To use this automatic backup mail server configuration feature, you must have Virtualmin Professional on the primary server. On the backup server, either Virtualmin Professional or Virtualmin GPL will work.

Pre-Requisites

For this process to work, the following components are needed:

  • Virtualmin Professional on the primary server, with a working mail and name server configuration
  • Virtualmin Professional or GPL on the secondary server, with a working mail server configuration
  • All three supported mail servers can be used for this process, and the mail servers do not have to be the same on the primary and secondary servers. But Virtualmin on both servers must be properly configured for the active mail server.

Pre-Requisites To Prevent Backscatter Spam

Virtualmin 3.87 and later can configure secondary mail servers to only accept email for addresses that exist on the primary server. This prevents spammers from sending email with faked from addresses to invalid addresses on the secondary server, which are then relayed to the primary and bounced back to the fake address.

The steps to configure Postfix on the secondary to support this are :

  • Edit /etc/postfix/main.cf and add the line relay_recipient_maps = hash:/etc/postfix/relay_recipients
  • Create an empty map file with the commands touch /etc/postfix/relay_recipients ; postmap hash:/etc/postfix/relay_recipients
  • Restart Postfix with /etc/init.d/postfix restart

To configure Sendmail on the secondary, the steps are :

  • Login to Virtualmin, and go to Servers -> Sendmail Mail Server -> Spam Control`
  • Make sure the Spam Control (access_db) feature is enabled, and if not follow the instructions in the Sendmail module to activate it.

Configuring Virtualmin on the Primary

Adding a server to the Webmin servers list

The first step in this process is to add your secondary server to the list of available Webmin servers. To do this, click on the Webmin link in the upper right corner of the left menu pane to activate the Webmin menu. Then, open the Webmin menu category and click on ''Webmin Servers Index''.

Click the ''Register a new server'' link, and then fill in the form, providing the hostname of the secondary and the port on which Webmin is running. In the Link Type section, select ''Login via Webmin with username ... password ...'' and enter an administrative level username and password.

Once the form is filled out, click ''Save''. Assuming there are no errors, you should now see an icon representing your secondary server in the Webmin Servers Index page.

Setting up Virtualmin to use the secondary mail server

Once the server has been added as a Webmin server, you just need to enable it as a secondary server in Virtualmin. In the left-hand menu, re-activate the Virtualmin menu by clicking on the Virtualmin link in the upper left corner. Now open the ''Addresses and Networking'' menu item, and click on ''Secondary Mail Servers''.

The server you've just configured in the Webmin Servers Index should appear in the list with an empty checkbox beside it. Click the checkbox to activate it. If you already have domains on your server that you want to setup with secondary mail service, also check the ''Add all existing mail domains to secondary MX servers?''. Finally, click ''Save''.

That's it, you're done!

Synchronizing Allowed Addresses

The simplest way to test if allowed addresses are being sent to secondary mail servers to prevent backscatter spam is to SSH into the primary system as root and run the command :

virtualmin syncmx-domain --all-domains

This will all send valid addresses in all mail domains on the primary system to all secondaries. If you have just added a new secondary or upgraded Virtualmin to version 3.87 (in which this feature was added), you should also run this command at least once.

The Gritty Technical Details

Note: If you just want it to work and don't care how, you can stop reading at this point. This is merely for those folks who like to understand what's happening behind the scenes.

This Virtualmin Professional feature makes use of a couple of features of the mail RFCs. First up, it creates an additional MX record, with a lower priority (higher number, but lower priority in the sense that it won't be contacted unless the primary isn't responding) than the primary. Second, it adds an entry on the secondary server to the list of domains that the server will relay for. This causes the secondary to accept mail for the domain, despite not having a local mailbox to place it in.

Since the mail RFCs have well-defined rules about what to do in the event a server is down, this has the effect of causing the secondary to simply accept the mail and hold it in its queue until the primary comes back online. It will automatically attempt to resend the mail periodically, and will only bounce the mail back to the sender if the primary stays off-line for an extended period of time.

Comments

Is there supposed to be "Secondary Mail Servers" link under Virtualmin -> Addresses and Networking in Virtualmin GPL? I can't find it.

Or do we have to add a cron job or something?

I followed the instructions and all seems to work, though I already had a Virtualmin GPL (backup MX) server configured.

virtualmin syncmx-domain --all-domains

seems to work perfectly, but the timestamp of /etc/postfix/relay_recipients on the backup server has not changed since the command was run manually. Running the command manually seems to work every time.

G

It should happen automatically, each time you add or change a mailbox or mail alias. The syncmx-domain command can force a sync, and will report errors if a sync fails ..

''

I created a mail alias on the primary and the backup server was modified immediately. Sorry for being stupid.

G