I need to run a redundant backup mail server in case the main one goes down.
The settings in GoDaddy look something like the following:
A (Host)
  Host     Points to
  @        IP address of mail1 41.x.x.x
  mail1    IP address of mail1 41.x.x.x
  mail2    IP address of mail2 196.x.x.x
MX
  Priority   Host   Points to
  10         @      mail1.mydomain.com
  20         @      mail2.mydomain.com
When mail1 goes down, mail2 is able to get emails. I can access it through the browser with no problem, but I want my users to be able to use POP3/SMTP as well without changing anything in their Outlook. I don't want any impact on the users when mail1 is down.
Also, I'm using Windows Server DFS to keep both mail folders in sync. Is this the right way, or should I be using something else?
Your DNS setup is OK to get redundancy on the "receiving" part.
The problem of syncing the mails still persists. I don't know how you are solving this. I don't even know if your server software is able to handle the situation where a user purges mail from one server while the other is still delivering to the mailbox and, at the same time, the syncing process copies mail from one to the other.
Nonetheless you still need to switch the POP3 server in case of a fault. Or how should they know that their POP3 server is changing from mail1 to mail2?
MX is only for identifying who to talk to in order to send mail to your domain. You will need some other solution for IMAP/POP clients to read their mail when one server or the other is down. Depending on your DNS settings and how long the server is down for and how fast you respond, you could have mail.mydomain.com that is a CNAME for mail1.mydomain.com until mail1 goes down and then you change it to mail2, but this takes time to work, and if your mailserver is only down for a few minutes, you end up making the problem worse (since mail1 will be back up but everyone will be using mail2). Another option would be to make mail a high-availability proxy that automatically forwards connections to mail1 or mail2, whichever server is working.
As for using DFS for synchronizing folders, I'm not sure how the mailserver you're using (Exchange?) stores the mail. If it stores the mail in one large file, then if an email is sent to both mail1 and mail2 at the same time, you will lose mail. (According to this, if two servers change the file at the same time, whoever started first loses and that version of the file is moved to the Conflict and Deleted folder). The standard configuration is for the secondary SMTP server to forward the mail to the primary SMTP server when the primary server is back online. Ideally you also configure it with a list of users so that it won't try to forward invalid/spam addresses to the primary server.
If mail2 is absolutely sure that mail1 is down, mail2 should take over the service IP of mail1 in addition to its own service IP. I would not fiddle with DNS. There is too much caching involved there.
When mail1 is up again you need a proper procedure to get it back online (including failback of its service ip). I would never use any auto-failback-mechanisms in any cluster.
Clustering software should be able to handle this - but be sure to test all cases.
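The failover decision behind the proxy idea in the previous answer and the "be sure mail1 is down, no automatic failback" advice in this one, as an added example that is not code from any poster. The POP3 greeting probe, the threshold of three failed checks and the `Failover` class are assumptions made for illustration; the host names come from the question.

```python
import socket
from dataclasses import dataclass
from typing import Callable

# Host names from the question's DNS layout.
PRIMARY, STANDBY = "mail1.mydomain.com", "mail2.mydomain.com"
FAIL_THRESHOLD = 3  # assumed: consecutive failed probes before failing over


def pop3_alive(host: str, port: int = 110, timeout: float = 5.0) -> bool:
    """True if the host sends a POP3 greeting (RFC 1939 greetings start with +OK)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            return s.recv(512).startswith(b"+OK")
    except OSError:
        return False


@dataclass
class Failover:
    probe: Callable[[str], bool] = pop3_alive
    active: str = PRIMARY
    failures: int = 0

    def tick(self) -> str:
        """Run one health check and return the server clients should reach."""
        if self.active == STANDBY:
            return self.active  # never fail back automatically
        if self.probe(PRIMARY):
            self.failures = 0  # a short blip must not trigger a switch
        else:
            self.failures += 1
            # Switch only after repeated failures, and only to a live standby.
            if self.failures >= FAIL_THRESHOLD and self.probe(STANDBY):
                self.active = STANDBY
        return self.active

    def failback(self) -> str:
        """Operator-triggered return to the primary, refused while it is unhealthy."""
        if self.probe(PRIMARY):
            self.active, self.failures = PRIMARY, 0
        return self.active
```

Whatever moves the service IP or repoints the proxy would call `tick()` on a timer and act only when the returned host changes; `failback()` is meant to be run by hand once mail1's mailboxes are back in sync.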
You need a DNS fail-over (not load balancing) solution to achieve this. I.e., you will use a single MX mail.yourdomain.com, but the A record of mail will be switched dynamically according to the availability of your mail server. This way, your clients won't get interrupted by the server failure. Check the ZoneEdit fail-over URL: http://www.zoneedit.com/failover.html for more details. Also http://extns.net/ seems to be providing free DNS service with fail-over, but I'm not sure how reliable they are.
Remember that you need to set this failover for your Mail Exchanger domain only, i.e. mail.yourdomain.com only. You will notice that the failover options are for a webserver, so what you have to do is add your MX domain mail.yourdomain.com as a separate zone and configure failover with it.
Normally, the backup mail server should (eventually) forward the email to the primary mail server. When the primary mail server comes up, then the queued email will be forwarded to the primary mail server. Alternatively, both primary and secondary mail servers will forward mail to the same MDA (Mail Delivery Agent) server. In either case the user gets their email from one server.
If you have lots of users, you may want to split the MX and MDA services on separate servers. This will allow you to have different users on different servers.
Configure the backup to hold the email for a sufficient amount of time for the primary (or MDA) server to be recovered. You may want to allow for a week or more. Make sure you replicate the user list to the backup server. Other than e-mail forwarding, the configurations should be as identical as possible. This includes Spam filtering if you are doing so. The primary server is normally configured to trust email arriving from the backup mail server.
Many mail servers will allow you to manually trigger delivery of messages from the queue. You may want to do this if the primary mail server has been down for more than a few hours. Otherwise it may take quite a while for mail to be delivered.
The chapter on Electronic Mail in the Unix and Linux System Administration Handbook is a good reference for what you are doing.