Setting up an MX Backup

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Setting up an MX Backup

Post by LesD » 2011-12-01 00:27

I have just got down to trying to set up a client's hMS to act as a backup to my own server.

So I followed the docs and went to set up a Route only to discover that a Route has been implemented to cater for just a single domain.

While a domain in the main server setup has a Names tab where other domains can be recorded this is not so for Routes. I have about 30 domains to deal with and it looks like I will have to set up a Route for each one separately.

Is this correct or is there some short-cut I could use?

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-01 00:42

Yeah you need a route for each for hmail to know it accepts mail for that domain.
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-01 00:50

Thanks. Is it worth putting in a request for an enhancement?

Really the need for multiple synonym domains on a Route is the same as for a regular mailserver domain.

Not that such a request will help me right now :)

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-01 00:57

LesD wrote:Thanks. Is it worth putting in a request for an enhancement?

Really the need for multiple synonym domains on a Route is the same as for a regular mailserver domain.

Not that such a request will help me right now :)
Sure you can always put in feature requests in that area. I think at issue is how often would such a thing be used by people & is it wort the effort. I don't think your situation is all that common and as painful as you think it'll be to just add the routes it'd take WAYYY longer to change the source code. ;) Just like if you wanted you could script it to be done via COM or even SQL direct but again the time it takes to do the code you migth as well just make the routes & be done.
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-01 01:11

OK - I will save the ink :)

Indeed, it is a bit monotonous initially but it is really just a one-off. Once it is set up, the occasional maintenance is not an issue.

You have got be a bit worried with your comment. Is it the lots of domains that is not common or is it the use of Routes as a backup server not common?

Having tried other methods for a server backup I was hoping that Routes would work well.

Anything I need to watch out for?

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-01 01:36

LesD wrote:OK - I will save the ink :)

Indeed, it is a bit monotonous initially but it is really just a one-off. Once it is set up, the occasional maintenance is not an issue.

You have got be a bit worried with your comment. Is it the lots of domains that is not common or is it the use of Routes as a backup server not common?

Having tried other methods for a server backup I was hoping that Routes would work well.

Anything I need to watch out for?
Don't let me discourage you, put in a feature request with a poll & see. If you get 1 vote per year vs 100 you'll get an idea. :D

I don't believe hmail is used too often as a backup/secondary server and when it is I doubt it is for tons of domains & if it is I doubt it is all of them at once. More likely added over time.

I'm not suggesting hmail won't work well for it, just that not too many people run a mail server let alone BACKUP/SECONDARY one too. ;) I am backup for like 20 domains & it works fine. I did them all at once and it took me maybe 5 minutes to add them but the hard part was adding the users which I did with scripts. That is the thing you want to watch for.. You really don't want the secondary set to the default of 'Delivery to all addresses' as the server will be abused. Spammers love to find secondaries setup that way & just pound em cuz your server will accept email to ANYTHING@thatdomain.tld. So it is better to change to 'addresses below' option & add in the users that exist on the primary. That can be a hassle to enter them all & a big hassle to keep them updated. On my very long to-do wish list is to implement some sort of syncing between hmail servers where those users get updated a automatically but just haven't gotten sick enough yet of updating them manually to spend the time on it. lol Then again I am tempted to do it via scripting instead of building into hmail but we'll cross that bridge when we get there.
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-01 11:25

I was concerned about spam coming in via the backup but hoped that my 'greylisting' would continue to function.

My highest and lowest priority MX records both point to the primary (to stop spammers that go straight for the lowest priority record) and that should stop the spammers.

[My main need for a backup is to catch the mail from servers that do not handle greylisting well - typically the large server farms.

A lot seem to just try once and they then go straight for the next MX. Those that do try again often try from a different IP so get blocked again and so they move onto the next MX.]

So I was hoping that little spam would actually hit the backup server so there would not be a need to maintain the address list.

By the way, on the Addresses tab do I need to add the full address (including the domain) or just the name before the @?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: Setting up an MX Backup

Post by ^DooM^ » 2011-12-01 11:42

The docs suggest that you use the full mail address.
Addresses
This setting lets you define which email addresses hMailServer should allow deliver to. For example, if you know that the only valid address on the target SMTP host is webmaster@domain.com, then you can add this email address to the list. In that case, hMailServer will only allow delivery to this specific address. This saves bandwidth usage. You can configure hMailServer to deliver to all addresses. If you do, hMailServer will forward any email addressed to the domain to the host specified in the route.
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-01 12:01

Yes, I did see that and came to the same conclusion as you but it seemed rather illogical, as a route defines only a single domain so a different domain in the list of addresses would be invalid and there redundant and therefore undesirable.

I just wonder if anyone has used it either way.

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: Setting up an MX Backup

Post by ^DooM^ » 2011-12-01 13:06

Test it and let us know what you find out :)
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Setting up an MX Backup

Post by bescher » 2011-12-02 10:18

I use Hmail to backup 2 primaries. Each primary has approx 50 domains and approx 400 users each. Other than spam we have no problems with it and it works very well . We do have each user name listed in each domain(a pain) but the 2 primaries are in a area that has problems with weather (mostly thunderstorms) and everytime they have a power failure and things come backup everything gets sent to the primaries

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-02 10:43

Thanks for that, most reassuring.

Just on the question of entering user names - do you enter just the names or the full address including the domain?

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-02 17:39

LesD,
I've always entered full address to be safe but not sure really guess you could try it. :D Seems counter-intuitive to need to do full addy if you are defining users under a domain route but then again I wasn't around here when that was designed. lol
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Setting up an MX Backup

Post by bescher » 2011-12-03 10:28

I use the full email address. I know it's a pain but it works

Non

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-04 01:27

Results of first testing sessions:

Problem 1:

When the backup server cannot deliver to the primary, it reschedules the delivery for 60 minutes.

However, I have changed the retry value to 10 minutes. I have even stopped and restarted hMS but still get the same result.

Running V 5.4

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-04 02:05

Problem 2:

This may be due to the way I have set up my testing.

I have taken a domain I do not use and set the MX record to point to the backup server instead of the primary.

The backup server accepts the message.

I have set the Route's Target SMTP host to my primary mail server, expecting the backup to forward it there.

Instead the backup looks up the MX record for the To domain and tries to send it to itself ......

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-04 06:59

LesD wrote:Results of first testing sessions:

Problem 1:

When the backup server cannot deliver to the primary, it reschedules the delivery for 60 minutes.

However, I have changed the retry value to 10 minutes. I have even stopped and restarted hMS but still get the same result.

Running V 5.4
That is because you need to change route delivery retry times on the delivery tab of each Route. ;)
http://www.hmailserver.com/documentatio ... ence_route
Delivery
Use Number of retries to specify the number of times you want hMailServer to retry when sending to this domain. If the route is used for MX backup, you will most likely want to set this to a rather high value. Minutes between every retry lets you specify the number of minutes between hMailServer's retries. For example, if the target SMTP host is down, there is no need to retry every minute. On the other hand, if the target SMTP host goes up, you don't want to wait 10 hours for the server to retry. Use Server requires authentication to specify user name and password if the target SMTP host requires authentication.
Btw, if the primary supports it you can enable/use ETRN (mailbagging/holding) on your secondary:
http://www.hmailserver.com/forum/viewto ... 45#p125845

Also, consider using QuickRetries to help out in general (allows you to set your normal retry higher because the 1st X tries are done with a shorter pre-defined delay which helps with greylisting etc):
http://hmailserver.com/forum/viewtopic. ... 47#p117847
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-04 07:01

LesD wrote:Problem 2:

This may be due to the way I have set up my testing.

I have taken a domain I do not use and set the MX record to point to the backup server instead of the primary.

The backup server accepts the message.

I have set the Route's Target SMTP host to my primary mail server, expecting the backup to forward it there.

Instead the backup looks up the MX record for the To domain and tries to send it to itself ......
You MUST have a unique FQDN for each mail server or use the IP address for the Target SMTP host. You definitely don't want to use a host name that resolves to itself. Remember you want no ambiguity to avoid loops. (hmail has safety built to so it shouldn't connect to itself but no sense in testing it. lol)
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-04 13:05

Bill48105 wrote: That is because you need to change route delivery retry times on the delivery tab of each Route. ;)
http://www.hmailserver.com/documentatio ... ence_route
But I am! I only have one Route and have set up things as follows.


<mydomain.co.uk> has a single MX pointing to the backup server (so all mail goes there. I can't have my primary in there as I do not want mail to come direct to me)

The route for <mydomain.co.uk> has Target SMTP host set to <mail.anotherdomain.co.uk> which is the address of my primary server.

The mail arrives at the secondary but instead of going out via the route it seems to be just relaying.

Aha! Maybe...

I am using ASSP for spam checking and it is set to block relaying. hMS is set up to allow relaying for connections coming from ASSP as otherwise it will not work.

It looks like hMS is ignoring the Route and just relaying. This also answers an other problem I spotted - the global rule (for filtering spam identified by ASSP) was getting fired, something I would not expect to happen for backup traffic.

But I still do not understand why it is relaying and not following the Route. The domain is certainly only defined in the Route and not in the main Domain section.

.....

I have now taken ASSP out of the loop and the backup server is now refusing mail to this test domain "authentication required".

hMS is definitely just ignoring the Route.

I must have done something wrong somewhere.

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-04 17:08

The only reasons hmail would ignore the route is:
1. You spelled the domain name wrong in the Route setup
2. You failed to setup local/remote in Route properly

#1 means you look at it SUPER CLOSE, even delete & try again to make sure.
#2 means look at the mx backup how-to for example or you likely want remote for top one & local for bottom one as shown here: http://www.hmailserver.com/documentatio ... _mx_backup
('external' was renamed 'remote' since that howto was made likely for clarification but it should still be obvious what the intent was.)

Btw make sure the host name you are using always resolves to the primary. You don't want it to round robin to secondary ever. But if hmail is doing MX lookups you must have the route setup wrong as that should not do MX as the host name is know. That is partly why I said to use an IP to be sure. ;)
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-04 23:06

OK - found it!

The domain in the route was correct but it had a trailing full-stop.

It got there because I was trying to make sure that it was spelled exactly right so I did a copy/paste from the actual MX DNS setup record.

What forgot was that domains in DNS have a trailing full-stop.

And the reason I did not spot it was that I was working on a remote server via VNC and the mail server was itself running inside the server as a VM so things were quite small. I have more excuses but that will do for the moment :)

Thanks Bill for staying with the problem till the end.

I will now continue with more testing.

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-05 00:26

Testing Addresses:

An address must have the full domain appended as otherwise it generates a 421 error "Recipient not in route list." and the sending hMS then goes into a retry loop. (I would have expected it to be treated as a rejection and not a recoverable error but I do not know what else might generate a 421)

So that is a bit of a pain.

The whole implementation of the Addresses tab is a bit problematic for me. Each address has to be added one by one and in case of an input error there is no Edit - just Add or Remove.

Across all my domains I have about 200 valid user names. Not all are used in all domains but the majority can be used in most domains.

The list actually lives in the ASSP front-end, independent of the domain names. If I could just copy/paste the lot in one go it would not be too bad but to add each one to each domain is not really on.

The above is just for theoretical consideration.

In practice all my hMS sites are front-ended by ASSP and it is ASSP that does the user authentication.

In ASSP the user list is just a text file list and can contain just the user name, the full name including the domain or even a partial domain. My list is mainly just user names with a few domain specific names.

All I need to do is to chuck the whole list from my primary server into the list on the secondary server. That is not quite a perfect solution as that will also allow names on my list to slip through to the domains being serviced on that server (it is not a dedicated backup server - it is the server of client who has agreed to act as a backup for me and I will return the favour).

However I do not see the above as a serious problem and there is always the option to fully qualify each name.

In any event it looks like a viable option so I am going to give it a go.

Thanks for all the assistance.

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-05 00:29

bescher wrote:I use Hmail to backup 2 primaries. Each primary has approx 50 domains and approx 400 users each. Other than spam we have no problems with it and it works very well . We do have each user name listed in each domain(a pain) but the 2 primaries are in a area that has problems with weather (mostly thunderstorms) and everytime they have a power failure and things come backup everything gets sent to the primaries
Have you considered using ASSP as a front end to hMS?

I have found it excellent in keeping spam down to virtually zero - and that is without really trying. With a bit more effort I'm sure I could train it to be even better.

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-05 02:37

LesD,
Yeah I kind of figured full email address was needed. It is possible the 'default domain' could be used but not sure if that applies to list addresses or not. I think the 421 thing was my doing & I never put in option for the method so suppose I need to look into that. At hand is hmail would 5xx reject any email to a secondary route if the user wasn't defined but IMO that is BAD NEWS especially in the case of hmail where keeping the users updated is quite difficult so IMO it made more sense to temp fail with a 4xx when the user wasn't defined vs 5xx perm fail them so that if the secondary list wasn't up-to-date the sender should try again (and maybe you'll have added the user or the primary is back up again) rather than it bouncing back due to configuration error (or admin laziness) vs some legit issue. I meant to put in an INI setting for that but don't think I ever got around to it. Again IMO it is worse to incorrectly reject a good email than to fake a temp fail in the case where the user list is not updated.

Here is the commit comment I made back when I made the change (found in the SVN logs)
Sunday, November 21, 2010 3:17:03 PM:
Rejects for non-existent Route users now 421 temp vs 550 perm. Logic is it still stops secondary-relay spam but is safer if you define specific users in case list is not up-to-date. Should be as safe as greylisting since primary should accept eventually but could create a bit more traffic because of that.
In terms of the GUI admin yeah it can leave a lot to be desired especially for some areas like lists & managing route users. (CSV import/export would be grand) The great thing though is you have TONS of power/control using the COM interface & scripting so instead of spending time hand entering them all could script an import method from your ASSP config files (or any text file). Or do like I did & mod the included phpwebadmin code to do imports. (It is a mess or I'd share but I think I spent maybe 15 minutes on the changes needed to import users from my old mail server.)

Btw I act as secondary for like 20+ domains & one of the things I'd love to get working is an auto-sync of secondary route users with the primary running hmailserver just haven't had time. Odds are I'll do it in vbscript rather than build into hmail though but could change my mind once I get working on it. But it is a pain to keep them updated & the 4xx temp fail is a life saver!
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-05 12:34

Thanks for the detailed response.

You have made your case well and I agree that it is better to keep retrying and give the administrator a chance to update the address list when first setting up a system or making alterations.

However, I would strongly argue for putting in an option, as you mentioned. You need to differentiate between 'setup' mode and 'running' mode.

Once a system is up an running then the argument to cause a prompt bounce is much stronger. The period of retry for a backup system would typically be several days rather than hours (I have set it to 14 days) so it will be a long time before anyone realises that mail is not getting through. So an immediate bounce is preferable in such a case.

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-05 12:45

Bill48105 wrote:LesD,
Yeah I kind of figured full email address was needed. It is possible the 'default domain' could be used but not sure if that applies to list addresses or not.
It is more than just a 'default domain'. In the case of a Route there can only be a single domain in the route so having to enter the domain as well is totally redundant. Combine that with a lack of validation, it becomes error prone as well as tedious.

In the database, the address may well need to be stored in full to make the run time comparison simple, but on initial input it would probably be simple to automatically append the domain.

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-05 16:45

LesD wrote:Thanks for the detailed response.

You have made your case well and I agree that it is better to keep retrying and give the administrator a chance to update the address list when first setting up a system or making alterations.

However, I would strongly argue for putting in an option, as you mentioned. You need to differentiate between 'setup' mode and 'running' mode.

Once a system is up an running then the argument to cause a prompt bounce is much stronger. The period of retry for a backup system would typically be several days rather than hours (I have set it to 14 days) so it will be a long time before anyone realises that mail is not getting through. So an immediate bounce is preferable in such a case.
Well I've never run into any issue leaving it as it is & been using it that way for over a year with 250+ users. I think the reason is any proper mail server will try each mail server for a domain & eventually will go back to the primary. That could be 5 min or could be days or never depending on why the secondary was used in 1st place. In my experience 90% of attempts on a secondary are just spammers anyway as normally no legit sender will try a secondary unless the primary is down. And I know of no mail server that will solely retry just a secondary to get 'stuck' on it either assuming the primary does come back up (if primary doesn't come back up then the mail will never get delivered anyway even if accepted by the backup!)

Anyway yes I planned on making an INI setting (which like all INI settings could be migrated to database & added to GUI at some point) but forgot about this change until you brought it up. Just shows how well it works as-is that no one complained. ;)
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-05 16:50

LesD wrote:It is more than just a 'default domain'. In the case of a Route there can only be a single domain in the route so having to enter the domain as well is totally redundant. Combine that with a lack of validation, it becomes error prone as well as tedious.

In the database, the address may well need to be stored in full to make the run time comparison simple, but on initial input it would probably be simple to automatically append the domain.
I'm not arguing the fact nor demanding default domain could/should work, just commenting that in hmail often if something fails the default domain is tacked on & tried that's all. I actually agree it seems silly to have to type in the domain on every one but that is the way it is. I am guessing it makes the queries/deliveries simpler & more efficient but that doesn't mean the GUI couldn't be tweaked to help out by adding it. Problem is if you force that you'll end up with someone complaining it does it so it is a lose-lose sometimes.

In any case you can spend more time complaining about it or spend that time entering them with domains or scripting something to do it for you or modifying the source to suit your needs. ;)
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-05 17:24

No complaints at all from me! On the contrary, as time goes by and my knowledge of mail servers increases I become more and more impressed with what I can achieve with hMS.

These postings are just for the purpose of better understanding the product and just maybe helping to improve it if the resources are available and the changes are considered to be justified. I agree that what I want/need is all achievable as-is without changes.

I would make one point though on the question of the secondary server only being used when the primary is down.

In my case about 5% of genuine mail (plus a few bits of spam) come in via my backup MX records even though the primary is not down.

This is caused by Greylisting where the sending servers, after receiving a polite 'please try later' go straight off to the backup MX and deliver via there. I have been using my ISP's server for that and then collecting the mail via POP3.

Unfortunately, that method leaves certain emails undeliverable as the original envelope address has been lost - despite hMS trying its best - and they end up in the catch-all account for subsequent manual distribution. Not in itself a major problem but sometimes it is embarrassing for people to see that the mail has gone via a third party.

That has been the driving force for me to find an alternative solution, and what better than to use an other hMS setup.

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-05 17:30

I accept your arguments that generally mail is sent to the backup server only for short periods of time and therefore the 'retry' route is the most appropriate and safe.

Thanks again for taking the time to explain.

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-05 17:46

LesD wrote:I accept your arguments that generally mail is sent to the backup server only for short periods of time and therefore the 'retry' route is the most appropriate and safe.

Thanks again for taking the time to explain.
LOL not trying to say my way or the highway. ;) As I said I never intended to leave it the new 421 way, I meant to put in INI setting at least. I guess my subconscious decided for me that the 421 way was safer & forgot to remind me to change it back to the old way & add INI. :D

Anyway in the past year of use I have found it is VERY common for the primary to get updated but the secondary doesn't and I'd rather have a temp fail if one tries to come in than a perm fail. Plus it makes it less urgent to get the secondary updated for busy people. :D
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

LesD
Senior user
Senior user
Posts: 343
Joined: 2009-01-15 20:22
Location: London, UK.

Re: Setting up an MX Backup

Post by LesD » 2011-12-05 19:10

I think your argument is so strong that it begs the question whether there is any need to set up any valid names on the secondary?

The 421 reply will just tell the sender to keep trying until the primary comes back on line! :)

What is wrong with that logic?

I can see just one advantage for accepting the mail on the secondary and that is that I can then control how long I want my secondary to keep retrying until it sends a bounce.

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Setting up an MX Backup

Post by Bill48105 » 2011-12-05 19:52

LesD wrote:I think your argument is so strong that it begs the question whether there is any need to set up any valid names on the secondary?

The 421 reply will just tell the sender to keep trying until the primary comes back on line! :)

What is wrong with that logic?

I can see just one advantage for accepting the mail on the secondary and that is that I can then control how long I want my secondary to keep retrying until it sends a bounce.
LMFAO that is true. Too funny.

Yupper there is always a risk the remote end won't honor the temp fail & bounce right away (which you would end up with the old 5xx response anyway) & there is the chance it could be retried forever (if they truly consider it temp they won't give up but I'd hope any sender would still have some retry counter even for temp fails). I'd figure any sender of important email will honor a temp fail & keep trying for a reasonable amount of time though.

But yeah very interesting idea there.. Have your secondary just give temp fails until the primary comes up & voila. lol
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

Post Reply