Using a VPS for Cloudminpro, Virtualminadministration and (backup)mailserver.

Well, since Eric asked me to put it in here, i put it in here:

I want to use a vps as a master for cloudmin / virtualmin administration and would also like to give it a second job as a backup mx.

Do you have a standard procedure for that?

Does it make sense, of installing first virtualmin to get things going with all mail related stuff like spamassasin, clam av etc and the configure the mailserver for backup purpose and then installing cloudmin or doing it manually?

What do you think about letting postfix check rbl lists? Would that reduce spam too? I've read quite a lot about this, but i do not want to mess up ;-)

One could think it a bit larger, of having a Mailserver who would filter all mails centralized for a bunch of other servers behind. Here are a lot of options possible, which one could use, but not all of them give you what you bet for, so what do oyu think, which way to go, if one has not only one virtualmin based webserver, and Cloudmin Pro too... Also, creating a best practice for mailserverhandling, also with certs and encrypted client communication (port 465, 587) but also hardening it PCI wise and using PFS, would be a larger task to accomplish. So, should we go down this road? Perhaps we find some thinkgs, which could be done in virtualmin to make life easier?

We will see. ...

Thanks and best.

Status: 
Active

Comments

Howdy -- thanks for opening a new request!

Regarding the backup MX server -- we have some documentation that may help you get started with that. Take a peek at this, does this help answer your first question:

https://www.virtualmin.com/documentation/email/hold-and-forward

Regarding Postfix and RBL lists -- certainly! I do that on my own personal servers.

I include the following in the "smtpd_recipient_restrictions" section on my own system:

reject_rbl_client cbl.abuseat.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client xbl.spamhaus.org, reject_rbl_client psbl.surriel.com

And lastly, there's some details here on running SpamAssassin and ClamAV on a remote server:

https://www.virtualmin.com/documentation/email/spam-av#toc-moving-spam-a...

Let us know if you have any other thoughts or questions after checking out the links above!

Ok, read the first link. What i understand, is that i need virtualmin pro for this, correct?

Let's say i have several servers (running gpl) and a cloudmin pro server, which should control the other virtualmin/webminservers and do the emailjob, i would see some different scenarios:

  1. Using Cloudmin Pro Main VPS as a backup mx for all servers
  2. Using Cloudmin Pro Main VPS as central mailservers, which handles all incoming and outgoing emails for the servers
  3. Using Cloudmin Pro Main VPS as a central receiving server, which filters mails accordingly and forwards them to the other servers, whereas the other servers send directly
  4. Using Cloudmin Pro Main VPS as central mailserver which handles all incoming and outgoing emails for the servers, whereas the servers are backup mx, in case the main server doesn't work at all or
  5. Using Cloudmin Pro Main VPS as a central mailserver which handles all incoming and outgoing emails for the servers and setting up another VPS as a backup mailserver.

There are also different strategies to avoid spam by creating mx records which point to non-existing servers like:

10.... non existing 20... Backupmailserver 30 ... mainmailserver 40 ... non existent

to fool spammers, because they usually go on entry 10 and seldom on entry 20...

Does it make sense anyhow?

Thanks and best

Jamie, could Cloudmin Services do what this user is after here?

Cloudmin Services can't yet do distributed mail processing - because for that to work properly, all the systems would need to share the same home directory, user database and Postfix config.

Ok, this would be a very good option for Cloudmin(pro) ;-) btw. Besides, to have my cloudminpro installation to work as a backup mx, i need virtualmin pro for that installation, correct? The other regular servers which have the domains running can use gpl, or did i misunderstand something?

So it looks like i will have to look into option 1. If i start off with a new server, would i need to install virtualmin (pro) first, for all mailsetupthings and then cloudmin, or vice versa?

Best