Redundant Mail System Suggestions
shuttlebox at gmail.com
Wed Nov 28 16:35:57 GMT 2007
On Nov 28, 2007 5:19 PM, Jim Flowers <jflowers at ezo.net> wrote:
> To my way of thinking redundancy should involve as few choke points as
> possible, therefore, two different networks. That aside, on my MXGuardian
> systems I configure two (or more) completely separate (mail gateway) servers
> identically as mxgf1.domain.tld (IP:xxx.xxx.xxx.xxx) and mxgf2.domain.tld
> I use a service (tqdns.com) with ONE MX record for each domain that is to be
> spam/virus protected pointing to mxgf.spam.scanner.tld. mxgf.spam.scanner.tld
> is a monitored/failover A record pointing to IP:xxx.xxx.xxx.xxx. with a TTL of
> 300 seconds. If the port 25 probe fails twice, the current A record for
> mxgf.spam.scanner.tld is removed and a new A record pointing to
> IP:yyy.yyy.yyy.yyy replaces it. When the IP:xxx.xxx.xxx.xxx probe begins to
> succeed again, the process is reversed.
> The advantages of this setup are many and in 3 years handling millions of
> messages I don't think we have ever lost one due to unavailable servers.
> Just to mention one advantage: we use a MailWatch hack under Tools to
> start/stop the inbound mta (sendmail) on the lead server manually. When the
> queue.in gets loaded, as it sometimes does during heavy attacks, we stop the
> inbound mta to allow the queue to empty out while current messages are routed
> to the secondary server. A cron script also monitors queue size to do the
> same thing automatically so operation is pretty much maintenance free.
> Of course the main advantage is the reduction in spam due to not using
> multiple MX records. As the secondary server is only visible through the
> mxgf.spam.scanner.tld A record when it is actually being used the only spam it
> sees in backup mode is where the spammer uses memorized IP addresses. This
> runs less than 10% of what it was before using the failover scheme. Bayes
> performance is pretty much the same as for primary server.
> Altogether a lot to recommend it.
I don't see anything in your setup that isn't available by two lines in DNS:
domain.tld. 86400 IN MX 10 mxgf1.domain.tld.
domain.tld. 86400 IN MX 10 mxgf2.domain.tld.
I don't know what you mean by saying that you get less spam by having
only one MX record. How would that make any difference?
The only way I would complicate my setup is if I can add something
worthwhile that I don't already have. I don't want extra servers or
other HW, SQL databases and/or web servers if I can avoid it.
More information about the MailScanner