script would check the first mx record and only if that is down, would open Port 25 on the backup server

Use this forum if you have problems with a hMailServer script, such as hMailServer WebAdmin or code in an event handler.
Post Reply
User avatar
Bob.Dig
New user
New user
Posts: 26
Joined: 2020-06-29 09:18
Location: Berlin

script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by Bob.Dig » 2020-07-13 13:34

First, I have no clue about scripting, for hmail or in general and I don't think you can do that with hmail scripting but I ask anyway:
Wouldn't it be nice, to have a backup email server only running, or "opened", if the first mx is actually down? I read here about spammers targeting the last servers within the mx record and such. So if a powershell(?) script would check the first mx record and only if that is down, would open Port 25 on the backup server, wouldn't that be great?

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by SorenR » 2020-07-13 13:48

https://en.wikipedia.org/wiki/Nolisting

Alternatively ...

I had a Backup MX for many years and my DNS would list priority 1 = mailserver, priority 2 = backupmx, priority 3 = mailserver.
Everything would go to priority 1
if priority 1 is down, everything go to priority 2
Spammers trying to circumvent Anti-SPAM would use priority 3 (which is also priority 1) and achieve nothing.
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

User avatar
Bob.Dig
New user
New user
Posts: 26
Joined: 2020-06-29 09:18
Location: Berlin

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by Bob.Dig » 2020-07-13 13:56

SorenR wrote:
2020-07-13 13:48
Alternatively ...
Interesting. I had hmail server running for years and had no spam at all, but I am not using it much anyway. And I like your suggestion, thank you for that, but would prefer something more clean, like actually open (and closing) ports only if needed or similar. I thought maybe someone here already does it like this?

User avatar
mattg
Moderator
Moderator
Posts: 21105
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by mattg » 2020-07-13 14:04

You would need to run that script on the backup mx, and that would be independent of hMailserver

On Linux I would use 'monit' to do that
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by SorenR » 2020-07-13 14:06

Bob.Dig wrote:
2020-07-13 13:56
SorenR wrote:
2020-07-13 13:48
Alternatively ...
Interesting. I had hmail server running for years and had no spam at all, but I am not using it much anyway. And I like your suggestion, thank you for that, but would prefer something more clean, like actually open (and closing) ports only if needed or similar. I thought maybe someone here already does it like this?
A Backup MX is usually OFF-SITE in case someone run a CAT over your internet cable.
Attachments
60694811_2055515784753806_3353411053403766784_n.jpg
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

User avatar
Bob.Dig
New user
New user
Posts: 26
Joined: 2020-06-29 09:18
Location: Berlin

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by Bob.Dig » 2020-07-13 14:09

mattg wrote:
2020-07-13 14:04
You would need to run that script on the backup mx, and that would be independent of hMailserver

On Linux I would use 'monit' to do that
True, but my backup mx would still be a hmailserver, because reasons (I have no clue about linux). 8)
So I would be interested in a Win-solution.

ara
New user
New user
Posts: 2
Joined: 2011-03-03 08:36

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by ara » 2020-07-14 08:54

For port testing, you can use this tool http://www.portchecktool.de.

User avatar
Bob.Dig
New user
New user
Posts: 26
Joined: 2020-06-29 09:18
Location: Berlin

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by Bob.Dig » 2020-07-14 12:28

ara wrote:
2020-07-14 08:54
For port testing, you can use this tool http://www.portchecktool.de.
No, there are easy powershell commands that can do that for you. But someone would have to create a full script to do everything what has to be done, to have a turn key solution.

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by SorenR » 2020-07-14 14:50

How would you monitor the primary server?

There is a million different ways the primary server could stop responding ...

Manipulating ports in hMailServer ...
https://www.hmailserver.com/documentati ... _tcpipport
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

User avatar
Bob.Dig
New user
New user
Posts: 26
Joined: 2020-06-29 09:18
Location: Berlin

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by Bob.Dig » 2020-07-14 15:07

Probably would to

Code: Select all

PS C:\> tnc www.shellhacks.com -p 25
But again, I have no clue about powershell scripting or scripting in general.
Last edited by Bob.Dig on 2020-07-14 15:23, edited 1 time in total.

User avatar
SorenR
Senior user
Senior user
Posts: 3818
Joined: 2006-08-21 15:38
Location: Denmark

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by SorenR » 2020-07-14 15:21

Bob.Dig wrote:
2020-07-14 15:07
Probably would to

Code: Select all

PS C:\> tnc www.shellhacks.com -p 443
But again, I have no clue about powershell scripting or scripting in general.
Webserver may run while mailserver is crashed ...

You would need a "heartbeat" between the two servers. Primary server would monitor internals is functioning (somehow) and "flatline" in case of problems (service stopped/crashed, computer stopped/crashed or Internet connection stopped/crashed).
Secondary server would sleep until primary server "flatline". The "heartbeat" could be as simple as a job on the primary server polling a webpage on the secondary server.
When polling webpage a timestamp is logged and when timestamp is older than 3 minutes the port on the secondary server is opened. WHEN the "heartbeat" is resumed the port on the secondary server is closed...

Easy peasy :mrgreen:
SørenR.

“Those who don't know history are doomed to repeat it.”
― Edmund Burke

User avatar
Bob.Dig
New user
New user
Posts: 26
Joined: 2020-06-29 09:18
Location: Berlin

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by Bob.Dig » 2020-07-14 15:27

SorenR wrote:
2020-07-14 15:21
Easy peasy :mrgreen:
Sry, updated the port in post above.
I really like my idea :D , that the second sever is always on and the script is just scanning port 25 of the first server. Then, if it is not reachable, the script would open port 25 of the firewall of the second server. If server one comes up again, it would close port 25.
At least it sounds simple to me.

User avatar
fjansen04
Normal user
Normal user
Posts: 45
Joined: 2008-08-30 15:49
Location: The Netherlands

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by fjansen04 » 2020-07-14 17:54

Or, use this:

http://www.junkemailfilter.com/spam/fre ... rvice.html

The backup mx checks if the first mx is up.
HMS 5.6.8 B2494 on Windows Server 2016

User avatar
Bob.Dig
New user
New user
Posts: 26
Joined: 2020-06-29 09:18
Location: Berlin

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by Bob.Dig » 2020-07-14 18:01

fjansen04 wrote:
2020-07-14 17:54
Or, use this:
Hell no. I don't want to use any third party.
My first mx is at home, the second mx is at my vps, also hmail.
At home I have a pfSense with pfBlocker, but not at my vps.
So some extra security I wouldn't mind, although I never had spam in the first place, so I am hardly know what I am talking about. :wink:

mikedibella
Normal user
Normal user
Posts: 230
Joined: 2016-12-08 02:21

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by mikedibella » 2020-07-14 19:41

I read that you want to host a second instance of HMS on a different server than your primary HMS host, this second HMS would be listed in the DNS with an MX having a higher Priority number than your primary host. You want this backup server to be listening for connections on port 25 only when the secondary server detects that connections to the primary server cannot be made.

Monitoring software can do all of that. I use Servers Alive (https://www.woodstone.nu/salive/download.php). This software can monitor an SMTP port and alarm when the either a connection cannot be made or the protocol response to connection is incorrect. It can also trigger a command or a start a service on the local system.

The free version of Servers Alive allows for ten monitoring points, or checks. It is not time-limited.

So, using Servers Alive, create a monitor using the built-in SMTP protocol definition. Servers Alive will connect to the remote host and look for "220" to be returned, if it sees this data in the response, it will tidy up by sending a QUIT, close the connection, and mark the server as up. If it doesn't see it, it will close the connection and mark the server down.

Next, Servers Alive, based on the primary HMS server being transitioned to down, it can trigger either a start of the primary HMS server, or you can specify a command such as SC.EXE to resume the service from paused.

The only thing left to engineer is when to stop or pause the the secondary server. Presumably you would only want to do that then the queue of the secondary server is drained, so that you don't wind up sequestering undelivered messages when the primary server comes back up.

This is going to require a little more ingenuity. Servers Alive can also execute a check conditionally based on whether a parent check is up or down, so you would create a second check that is only evaluated based on the primary server being up. The second check runs a utility to determine the number of messages in queue. If the queue length is zero, the check stops or pauses the secondary HMS server.

I wrote a small utility to serve this purpose. It is posted here: https://www.hmailserver.com/forum/viewt ... 20&t=30859

User avatar
Bob.Dig
New user
New user
Posts: 26
Joined: 2020-06-29 09:18
Location: Berlin

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by Bob.Dig » 2020-07-14 19:47

Interesting. Thank you.

palinka
Senior user
Senior user
Posts: 2172
Joined: 2017-09-12 17:57

Re: script would check the first mx record and only if that is down, would open Port 25 on the backup server

Post by palinka » 2020-07-16 13:23

SorenR wrote:
2020-07-14 14:50
How would you monitor the primary server?
https://hmailserver.com/forum/viewtopic ... 01#p215301

Here's one way. :D

Post Reply