Comments on: Postfix Backup MX eMail Server Anti-Spam Configuration

By: Mikaso

Mikaso — Sun, 27 Nov 2011 05:13:35 +0000

gpasswd -a clam amavis

By: Acorp

Acorp — Tue, 19 Oct 2010 06:07:50 +0000

Just wanted to say the NOLIST MX Servers trick is awesome! SPAM messages hitting my server dropped nearly 90% after implementing a lowest priority nolist MX server and a highest priority nolist MX server. Some statistics from my mail server are listed below. One caution…I’ve heard that QMAIL may not respond correctly to a 4xx NOLIST server, so it may be best to use a non-existent/invalid IP for your nolist servers. YMMV…
10/14/2010: 42517 Messages Rejected 10/15/2010: 40604 Messages Rejected 10/16/2010: 22801 Messages Rejected ------------------------------------------------------------------------- NOLIST MX Server records created early afternoon 10/17 ------------------------------------------------------------------------- 10/17/2010: 7580 Messages Rejected 10/18/2010: 3320 Messages Rejected

By: Seth Wisely

Seth Wisely — Tue, 27 Oct 2009 22:47:54 +0000

No mention of redundant DNS? Backup MX is fine but with resolver failure even backup MX can be useless.

A more interesting idea (rough draft imagination) would be a symlink-analog from backup (third party) MX providers to access rules on primary (or local MX) such that rules need not be manually replicated.

While some find it rude I find TMDA efficacious (when properly configured)

By: Aaron

Aaron — Tue, 21 Jul 2009 15:48:21 +0000

Greg: Keep a backup copy of your primary MX config somewhere on the backup MX. When the primary MX goes down for good, stop postfix, copy the backup of the primary MX config into the correct location and start postfix (make sure your maildirs are in place too).

If Postfix doesn’t deliver the messages, try “postsuper -r ALL’
The -r is for ‘requeue’. It pretty much takes every queued message and moves it into the maildrop for reprocessing. It should recognize that the message is now destined for a local mailbox and deliver it accordingly.

By: Greg

Greg — Tue, 21 Jul 2009 15:40:24 +0000

I’ve been using a backup MX with postgrey for years now and it works a treat !
However Ihave often wondered what if I cant fix/replace the primary server within a few days, sure my backup keeps queuing for 60 days meanwhile my clients have no access, not good.
I already backup my IMAP Maildirs to the backup MX and user accounts are also working there with LDAP replicated auth to boot.
How do I tell postfix on the backup MX to stop queuing and deliver all the mail it has queued locally ?

By: Vivek Gite

Vivek Gite — Thu, 30 Apr 2009 21:08:38 +0000

@Gokdeniz,

My bad – I misread your first post… yes, each server including those run by Google / Yahoo are actually configured to hold mail for a few days. Also, Exchange try out next server immediately if primary is down. Most nix based server wait for some time. But, in general all of them retry delivery.

PS: swaks is wonderful tool for testing various email configurations!

By: Gokdeniz Karadag

Gokdeniz Karadag — Thu, 30 Apr 2009 20:55:09 +0000

@vivek:

RFC 2821 requires that mailing software MUST retry sending mail after failed attemps See section 4.5.4 at http://www.ietf.org/rfc/rfc2821.txt

A quick test with both gmail and yahoo showed that it does not immediately give up.

I cannot currently test with exchange server, but if it gived up immediately, it cannot deliver mailt to all those servers using “nolisting”. As nolisting simulates a broken MX.

By: Vivek Gite

Vivek Gite — Thu, 30 Apr 2009 20:23:24 +0000

It will take at least 2-3 hrs to create (replace hardware, os reloads, patch and data) and restore data from a backup server / tape. What will happen if someone try to send emails to those 2000 users? Some free services such as Yahoo / Gmail and Exchange server gives up immediately and returns email to sender. This may be good for a small business or non-profit organizations but for any serious business you need to have backup mx server.

YMMV.

By: Gokdeniz Karadag

Gokdeniz Karadag — Thu, 30 Apr 2009 19:44:17 +0000

While backup MX seems like a good idea, in practice you can do without them.

All mail software retry sending mail for a reasonable amount of time. Postfix retries for FIVE DAYS. Let’s be on the safe side and let’s say all mail servers try delivery for at least two days.

When a problem occurs, you will most likely solve it in two days. If you cannot, you can restore your backed up configuration in a new server as a last resort. It is a very unlikely scenario that a mail server cannot be fixed or replaced within two days.

So, instead of trying to fortify the backup server, and trying to keep the setings in sync, you can have only one server and focus on it.

If you have a very high mail volume and need load balancing, then you probably sync all configurations and use a central spam filter; so keeping a backup may not be expensive. But for all other cases where a single server is powerful enough to handle mail, I strongly recommend keeping only one server up. I have only one server in our 2000 user environment, for about 3 years, and did not have any problem.

But I have to admit we have a good backup policy and scripts ready to build a server from scratch, so I am confident about overcoming outages.

By: Jack

Jack — Thu, 30 Apr 2009 00:13:57 +0000

Yeah, it's like Aaron said, spammers are great at adapting to the anti-spam measures and always seem to find a way through. -Jack @ mac backup software

By: qBert

qBert — Wed, 29 Apr 2009 06:43:14 +0000

Hi,

the “reject_unverified_recipient” Option on the backup mx could be usefull too:

http://www.postfix.org/postconf.5.html#reject_unverified_recipient

http://www.postfix.org/ADDRESS_VERIFICATION_README.html

By: Vivek Gite

Vivek Gite — Wed, 29 Apr 2009 00:25:51 +0000

I belive relay-domains and and relay_recipient_maps does the same thing. You can use MySQL database and just run in master – slave mode.

HTH

By: Aaron

Aaron — Tue, 28 Apr 2009 22:59:15 +0000

This all sounds well and good–but the problem is that Spammers will adapt. They will figure out the MX priority tricks and modify their software. They already know a lot about greylisting and try again 5-15 minutes later.

The real solution is to keep your list of postfix users and domains in a file or database that gets synced every few minutes, hours, or days–whatever is appropriate. That way both servers know the correct list of domains and users for forwarding.

I personally just trigger the sync by hand now–but in the past I’ve used rsync and a cron job.