CentOS - Jul 2008 - question regarding mx servers with same priority

Dear ALL

I have the following setup running good for quite sometime and i wd really
apprecite if someone wd help or give some suggestions

centos 5.1
sendmail
dns server

now recently our mail usage has increased considerably and moreover Mails
have become a utmost top priority

i have 2 options now

1) have a backup server with lower higher MX

i tested this setup n had some queries earlier n thanks to guys like scott
for some prfect advise i did manage to check it out n it works beautiful

2) have another server with same value of MX so it cd load balance and
also doc says if one server is down or unavaliable the oher server would
receive mail

now my query is ... if i now configure a second mail server with same MX
priority .

a) do i have to create all the existing user accounts on my existing email
server to this new server
cause i already hav about 300+ email users already

b) incase my first email server fails are the emails on the first server lost

c) alos apprecite if someone can help me with any links or docs for the
above setup


apprecite and really thnks in advance


regards
Fabian





-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

fabian dacunha wrote:
> a) do i have to create all the existing user accounts on my existing email
> server to this new server
> cause i already hav about 300+ email users already
Depends what you want to accomplish, for the simplest of setups,
no. You can (depending on the MTA of course), simply route all mail
for a particular domain or host name to another system.

In postfix this is accomplished like this:
(snip the usual basic config)
transport_maps = hash:/etc/postfix/transport
local_recipient_maps = proxy:unix:passwd.byname, $alias_maps,
hash:/etc/postfix/local_recipient

then in /etc/postfix/local_recipient:
@mydomain.com             THIS VALUE MUST BE PRESENT BUT IS IGNORED

and in /etc/postfix/transport:
mydomain.com         smtp:name_of_other_smtp_server

run postmap hash:/etc/postfix/local_recipient
run postmap hash:/etc/postfix/transport
restart postfix and off you go.

If you want to reject mails for invalid users at the backup MX then
you can probably put the user names in the local_recipient file above,
create the accounts on the system, or use a distributed authentication
database like SQL, LDAP etc. My preference is the above blind forward
method, if the user is invalid then the server will reject it, I don't
care if it sits in the queue for a few days on the backup system.
> b) incase my first email server fails are the emails on the first server
> lost
Depends on what you mean by fail and depends if the mail on the first
server is stored there or if that system simply forwards on to another
host for delivery to users. If the users that read mail access it from
that system, and that system bursts into flames, and the mails happen
to sit on internal storage inside the system(as opposed to a NAS or
a SAN) then yes mail stored on that system is lost. If the system
simply crashes and needs to be rebooted then it is likely nothing
is lost.

nate

On Wed, Jul 16, 2008, fabian dacunha wrote:
>
>Dear ALL
>
>I have the following setup running good for quite sometime and i wd really
>apprecite if someone wd help or give some suggestions
>
>centos 5.1
>sendmail
>dns server
>
>now recently our mail usage has increased considerably and moreover Mails
>have become a utmost top priority
>
>i have 2 options now
>
>1) have a backup server with lower higher MX
>
>i tested this setup n had some queries earlier n thanks to guys like scott
>for some prfect advise i did manage to check it out n it works beautiful
>
>2) have another server with same value of MX so it cd load balance and
>also doc says if one server is down or unavaliable the oher server would
>receive mail
>
>now my query is ... if i now configure a second mail server with same MX
>priority .
Having multiple servers with the same MX priority works fine (I prefer to
think of this as distance as the lower ones have higher priority).  There's
no good reason to have multiple distances other than the shortest for final
delivery and one or more with higher in case the primary is not available
for some reason.
>a) do i have to create all the existing user accounts on my existing email
>server to this new server
>cause i already hav about 300+ email users already
No, the secondary MX server(s) don't need any user accounts.  Using
postfix, we do generate a virtual file for each secondary MX server
containing all the valid addresses for the domain(s) served by the primary
server, allowing the MX servers to reject invalid accounts without having
real user accounts.

There are some good arguments for having a single MX server rather than
multiple MX servers as it prevents spammers from attempting to deliver mail
through the higher distance MX servers which may well not have the same
anti-spam rules.  At one of our regional ISP customers with about 10,000 e-
mail accounts, we use a single MX server to accept incoming messages,  This
server runs postfix, amavisd-new, and clamav to pre-screen incoming
messages for worms (Windows is the Virus) and phishing messages, then it
forwards clean messages to a cluster of systems that do spamassassin
checking and message delivery to the user's Maildir message stores which
are NFS mounted on a central server.

The MX server in this case rejects about 2,000,000 messages a day using a
variety of IP filters, and delivers about 250,000 messages a day.  It has a
load average less than 1.00 except during the daily maintenance and
security audits.

It actually is the primary MX server for two distinct groups of domains,
each with a separate user base.  Each machine that is home to the user's
home directories updates its own section of the postfix virtual table,
using rsync to update the MX server whenever anything changes with the
users.  The MX server uses the postfix transport file to direct mail to the
appropriate cluster servers to deliver mail.

Bill
-- 
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186

People from East Germany have found the West so confusing. It's so much
easier when you have only one party. -- Linus Torvalde, Linux Expo Canada
when asked about confusion over many Linux distributions.