Redundant Mail System Suggestions

shuttlebox shuttlebox at gmail.com
Wed Nov 28 16:35:57 GMT 2007 

On Nov 28, 2007 5:19 PM, Jim Flowers <jflowers at ezo.net> wrote:
> To my way of thinking redundancy should involve as few choke points as
> possible, therefore, two different networks.  That aside, on my MXGuardian
> systems I configure two (or more) completely separate (mail gateway) servers
> identically as mxgf1.domain.tld (IP:xxx.xxx.xxx.xxx) and mxgf2.domain.tld
> (IP:yyy.yyy.yyy.yyy).
>
> I use a service (tqdns.com) with ONE MX record for each domain that is to be
> spam/virus protected pointing to mxgf.spam.scanner.tld.  mxgf.spam.scanner.tld
> is a monitored/failover A record pointing to IP:xxx.xxx.xxx.xxx. with a TTL of
> 300 seconds.  If the port 25 probe fails twice, the current A record for
> mxgf.spam.scanner.tld is removed and a new A record pointing to
> IP:yyy.yyy.yyy.yyy replaces it.  When the IP:xxx.xxx.xxx.xxx probe begins to
> succeed again, the process is reversed.
>
> The advantages of this setup are many and in 3 years handling millions of
> messages I don't think we have ever lost one due to unavailable servers.
>
> Just to mention one advantage: we use a MailWatch hack under Tools to
> start/stop the inbound mta (sendmail) on the lead server manually.  When the
> queue.in gets loaded, as it sometimes does during heavy attacks, we stop the
> inbound mta to allow the queue to empty out while current messages are routed
> to the secondary server.  A cron script also monitors queue size to do the
> same thing automatically so operation is pretty much maintenance free.
>
> Of course the main advantage is the reduction in spam due to not using
> multiple MX records.  As the secondary server is only visible through the
> mxgf.spam.scanner.tld A record when it is actually being used the only spam it
> sees in backup mode is where the spammer uses memorized IP addresses.  This
> runs less than 10% of what it was before using the failover scheme.  Bayes
> performance is pretty much the same as for primary server.
>
> Altogether a lot to recommend it.

I don't see anything in your setup that isn't available by two lines in DNS:

domain.tld.             86400     IN      MX      10 mxgf1.domain.tld.
domain.tld.             86400     IN      MX      10 mxgf2.domain.tld.

I don't know what you mean by saying that you get less spam by having
only one MX record. How would that make any difference?

The only way I would complicate my setup is if I can add something
worthwhile that I don't already have. I don't want extra servers or
other HW, SQL databases and/or web servers if I can avoid it.

-- 
/peter

More information about the MailScanner mailing list