Redundant Mail System Suggestions

Jim Flowers jflowers at
Wed Nov 28 16:19:40 GMT 2007

To my way of thinking redundancy should involve as few choke points as
possible, therefore, two different networks.  That aside, on my MXGuardian
systems I configure two (or more) completely separate (mail gateway) servers
identically as mxgf1.domain.tld ( and mxgf2.domain.tld

I use a service ( with ONE MX record for each domain that is to be
spam/virus protected pointing to mxgf.spam.scanner.tld.  mxgf.spam.scanner.tld
is a monitored/failover A record pointing to with a TTL of
300 seconds.  If the port 25 probe fails twice, the current A record for
mxgf.spam.scanner.tld is removed and a new A record pointing to
IP:yyy.yyy.yyy.yyy replaces it.  When the probe begins to
succeed again, the process is reversed.

The advantages of this setup are many and in 3 years handling millions of
messages I don't think we have ever lost one due to unavailable servers.

Just to mention one advantage: we use a MailWatch hack under Tools to
start/stop the inbound mta (sendmail) on the lead server manually.  When the gets loaded, as it sometimes does during heavy attacks, we stop the
inbound mta to allow the queue to empty out while current messages are routed
to the secondary server.  A cron script also monitors queue size to do the
same thing automatically so operation is pretty much maintenance free.

Of course the main advantage is the reduction in spam due to not using
multiple MX records.  As the secondary server is only visible through the
mxgf.spam.scanner.tld A record when it is actually being used the only spam it
sees in backup mode is where the spammer uses memorized IP addresses.  This
runs less than 10% of what it was before using the failover scheme.  Bayes
performance is pretty much the same as for primary server.

Altogether a lot to recommend it.

> -----Original Message-----
> From: mailscanner-bounces at
> [mailto:mailscanner-bounces at] On Behalf
> Of Johnny Stork
> Sent: 27 November 2007 18:20
> To: mailscanner at
> Subject: Redundant Mail System Suggestions
> I am working with a client seeking redundant mail and dns services so
> have been trying to come up with some suggested architectures. 

Jim Flowers <jflowers at>

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list