View previous topic :: View next topic |
Author |
Message |
Frautoincnam Apprentice
Joined: 19 May 2017 Posts: 290
|
Posted: Sat Apr 17, 2021 7:44 pm Post subject: [partially SOLVED] postfix MX backup local delivery |
|
|
Hi,
I have a primary mail server (postfix) working fine for years, named here PRIMARY (smtp.mydomain)
Now, I want to configure a MX backup (postfix) named here SECONDARY (vps1.mydomain) :
1) to receive all mails when PRIMARY is down, then relaying them
AND
2) to send all local mails to PRIMARY
PRIMARY and SECONDARY have same domain (mydomain)
I only modify SECONDARY postfix configuration.
1) is ok (for the moment)
but I can't have 2)
With mydestination = vps1.mydomain, emails are locally delivered.
With mydestination = localhost, I get bounced "loops back to myself"
I tried a lot of configurations, and never get 1) and 2) working.
I don't know what to try else.
Code: | # comm -23 <(postconf -n | sort) <(postconf -d | sort) | anonyme
compatibility_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
inet_protocols = ipv4
luser_relay = postmaster
mail_spool_directory = /var/spool/mail
manpage_directory = /usr/share/man
mydestination = localhost
mydomain = mydomain
myhostname = vps1.mydomain
mynetworks_style = host
myorigin = $mydomain
recipient_delimiter = +
relay_domains = pcre:/etc/postfix/mydestinations
relay_recipient_maps = hash:/etc/postfix/relay_recipients
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_non_fqdn_recipient reject_unknown_recipient_domain reject_unauth_destination reject_unauth_pipelining reject_rbl_client cbl.abuseat.org
smtpd_relay_restrictions = permit_mynetworks,reject_unauth_destination
unverified_sender_reject_code = 550 |
Code: | # anonyme /etc/postfix/mydestinations
/^vps1$/ ACCEPT
/^(.*\.)*mydomain$/ ACCEPT
/^localhost\.localdomain$/ ACCEPT
/^localhost$/ ACCEPT |
/etc/postfix/relay_recipients is populated wqith accepted email adresses.
Surely something very simple, but I can't get it for now.
Last edited by Frautoincnam on Sun Apr 18, 2021 4:36 pm; edited 1 time in total |
|
Back to top |
|
|
Frautoincnam Apprentice
Joined: 19 May 2017 Posts: 290
|
Posted: Sat Apr 17, 2021 10:33 pm Post subject: |
|
|
The only solution I found for the moment to solve my problem is those modifications:
Code: | myorigin = $myhostname
luser_relay = postmaster@mydomain
mydestination = localhost.$mydomain, localhost
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical_maps
relay_domains = $mydomain |
and recipient_canonical_maps
Code: | @vps1.mydomain @mydomain |
Surely not so clean, but I couldn't find better. |
|
Back to top |
|
|
pa4wdh l33t
Joined: 16 Dec 2005 Posts: 806
|
Posted: Sun Apr 18, 2021 3:51 pm Post subject: |
|
|
I have a very similar setup as you describe.
Quote: |
1) to receive all mails when PRIMARY is down, then relaying them
|
The mail server doesn't know if it's primary or secondary. It is only advertised as such in DNS.
For example:
Code: |
mydomain IN MX 10 mx1.mydomain
IN MX 20 mx2.mydomain
|
The 10 and 20 here are the priorities. Sending MTA's should try the lowers one first and go to the second one if that fails.
Quote: |
2) to send all local mails to PRIMARY
|
For that i left "mydestination" empty/default, because that would make it try to deliver that mail locally, which is not what you want. What you're searching for might be "relay_domains", where i set all the domains i own and which should be relayed to the primary when it's up&running. I also set relayhost to my primary mail server (in my case connected via a VPN). To make sure you're not an open relay (which will be abused by spammers) i set:
Code: |
smtpd_recipient_restrictions = reject_unauth_destination
smtpd_relay_restrictions = permit_auth_destination,reject_unauth_destination
|
When get a new domain, basically the only thing i have to modify on the backup mailserver is the "relay_domains" line.
I hope this helps. _________________ The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
Back to top |
|
|
Frautoincnam Apprentice
Joined: 19 May 2017 Posts: 290
|
Posted: Sun Apr 18, 2021 4:09 pm Post subject: |
|
|
pa4wdh wrote: | The mail server doesn't know if it's primary or secondary. It is only advertised as such in DNS. |
I know all of that. that's not my question.
I don't ask how to create a MX backup.
I told 1) works.
Quote: | For that i left "mydestination" empty/default, because that would make it try to deliver that mail locally, which is not what you want. |
that's why I put localhost in $mydestination. But I tried with dummy value, and empty.
Quote: | What you're searching for might be "relay_domains" |
?
Did you really read my post ? I described my $relay_domains.
Quote: | To make sure you're not an open relay |
Already done. But one more time, that's not the subject. I managed to configure my MX backup. The problem was about local delivery, but as told, solved. |
|
Back to top |
|
|
pa4wdh l33t
Joined: 16 Dec 2005 Posts: 806
|
Posted: Sun Apr 18, 2021 4:29 pm Post subject: |
|
|
I'm sorry i didn't understand your question correctly, i'm just trying to help.
The only thing that seems to be missing from the configuration you posted is the "relay_host", it is set on your secondary mailserver and set something where it can reach the primary one. _________________ The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
Back to top |
|
|
Frautoincnam Apprentice
Joined: 19 May 2017 Posts: 290
|
Posted: Sun Apr 18, 2021 4:34 pm Post subject: |
|
|
Code: | # postconf relay_host
postconf: warning: relay_host: unknown parameter
# postconf relayhost
relayhost =
|
Missing because as default.
No need to specify, DNS is here for that. All mails to mydomain go to MX 10 when up.
But, one more time, relaying works ! |
|
Back to top |
|
|
|