Multiple mail servers for a single domain
It's common practice to have more than one MTA facing the internet like this.
It's also fairly simple to 'consolidate' email from your internet-facing servers; you simply configure the 'backup' MX server to forward all the incoming email to the 'main' server which acts as the mail store your email clients connect to.
So if your email clients normally connect to MX1.example.org then MX2.example.org does nothing else other than forward email to MX1. If MX1 is unavailable then, like any other SMTP server, MX2 can queue email until MX1 becomes available.
Probably a more common scenario for busier systems is to have both these servers forward email to a 'back end' email store, which is what your clients connect to. This allows the internet-facing systems to be dedicated to processing incoming (and outgoing perhaps) email queues for spam filtering, malware scanning, etc. and also for these systems to be offline for patching (you want to patch vulnerabilities in internet-facing systems quickly right?) without affecting the service to your end users.
Related videos on Youtube
18 : 21
01 : 43
01 : 57
05 : 28
14 : 14
jduncanator
Updated on September 18, 2022Comments
-
jduncanator over 1 year
Running a "DNS scan" to make sure my DNS zones are setup "correctly" led to the suggestion by the tool to run more than one mail server for redundancy. It got me thinking about how one would implement such thing.
Assume I have two mail servers, mx1.example.org and mx2.example.org. MX1 has higher priority. Assume each server is located geographically apart from each other. For any configuration related answers, assume they are running Postfix. How would I configure my MTA (Postfix) to consolidate email received by both mail servers into one response for clients?
Take the following example: I send an email to myself and it is delivered to mx1. Now mx1 has some downtime and someone sends me an email, it is delivered to mx2. My mail client is setup to use IMAP and retrieves mail from mx1. In the above scenario, I would only be able to retrieve the email I sent myself as the second email is sitting on mx2. In order for me to read the second email, mx1 needs to know about it from mx2.
Is this something I need to configure in my MDA, or does postfix have some feature to handle this situation?
-
Rob Moir about 10 yearsThis question is very broad (books have been written on the subject of how email servers work) and reads a lot like you're asking people to do your research for you. You may want to edit the question to ask some specific questions you have after reading up on things like MX records (if you've done enough work to know to tag the question as related to MX records then you should really know the answer to at least one of your questions). -
jduncanator about 10 yearsMy bad, totally forgot about priority levels for MX records, will remove that question + tag.
-
jduncanator about 10 years@RobM I've updated my question to be more specific.
-
MadHatter about 10 yearsYour model of how this works is not how this is normally done (save by the very largest providers, who do indeed have multiple points of final delivery - and infrastructures to support this that are way too complex for an SF question). Instead,
mx2also knows thatmx1is 1ary for mail, and holds mail received for your domain in queue untilmx1comes back, and it can deliver it on. -
MadHatter about 10 yearsPrecisely so. Yes.
-
-
jduncanator about 10 yearsHow would you distribute incoming email between internet facing MTAs in the malware scanning example you gave above? MX records with the same priority levels? Also, what would you suggest me searching to find information regarding forwarding emails to another email server?
-
Rob Moir about 10 years@jduncanator yep, this is an example of load balancing by DNS Round Robin - as for forwarding emails, I'm not a postfix person so I can't answer that as well as others here can, but its a common enough configuration that I can't imagine it being difficult to dig out, all you're doing (if MX1 is your main server and mail store) is telling MX2 to forward all email for example.org to MX1.
-
Rob Moir about 10 years@jduncanator I'd probably want to be more specific and say all email for example.org rather then all email because you don't want it forwarding rubbish, but broadly speaking, yes.
-
jduncanator about 10 yearsYea. So you'd run the same config as MX1 except instead of delivering it locally, it forwards it onto MX1. On another note, if MX1 was down, wouldn't MX2 just return a bounce back email and say the message was undeliverable?
-
MadHatter about 10 yearsIf
mx1was down for long enough, yes, it would, and this is broadly desirable. You should tune the MTA onmx2so it doesn't send them too early, though. And fixmx1so it doesn't die so often! -
jduncanator about 10 yearsThis was more of a hypothetical question anyway, but with the prices of VPSes capable of running mail servers being practically 2$ a month, there is no reason not to have a backup mail server :)
