On 4/6/20 6:35 AM, Ashley Dixon wrote:
Hello,

Hi,

After many hours of confusing mixtures of pain and pleasure, I have a secure and well-behaved e-mail server which encompasses all the features I originally desired.

Full STOP!

I hoist my drink to you and tell the bar keep that your next round is on me.

Very nicely done!!!

In all seriousness, running your own email server is definitely not easy. DNS, web, and database servers are easier.

This is especially true, by an order of magnitude, if you are going to be sending email and do all of the necessary things to get other mail receivers to be happy with email outbound from your server.

~hat~tip~

However, in the event that I need to reboot the server (perhaps a kernel update was added to Portage), I would like to have a miniature mail server which catches incoming mail if, and only if, my primary server is down.

Okay....

I have a Gentoo installation on an old Raspberry Pi (model B+), and was curious if such a set-up was possible ?

Can you get a Raspberry Pi to function as a backup server? Yes. Do you want to do such? Maybe, maybe not.

I've seen heavier inbound email load on my backup mail server(s) than I have on my main mail server. This is primarily because some, undesirables, send email to the backup email server in the hopes that there is less spam / virus / hygiene filtering there. The thought process is that people won't pay to license / install / maintain such software on the "backup" email server.

I encourage you to take a look at Junk Email Filter's Project Tar [1].

Aside: JEF-PT encourages people to add a high order MX to point to JEF-PT in the hopes that undesirable email to your domain will hit their MX, which will always defer the email and never accept it. Their hope is to attract as many bad actors to their system as they can, where they analyze the behavior of the sending system; does it follow RFCs, does it try to be a spam cannon, etc. They look at the behavior, NEVER content, and build an RBL. They provide this RBL for others to use if they desire. — I have been using, and recommending, JEF-PT for more than a decade.

JEF-PT could function as the backup MX in a manner of speaking. They will never actually accept your email. But they will look like another email server to senders. As such, well behaved senders will queue email for later delivery attempts.

I also want the solution to be as minimal as possible. I see the problem as three parts:

This type of thinking is how you end up with different spam / virus / hygiene capabilities between the primary and secondary email systems. Hence why many undesirables try secondary email system(s) first. ;-)

In for a penny, in for a pound.

If you're going to run a filter on your primary mail server, you should also run the filter on your secondary mail server(s).

(a) Convincing the D.N.S.\ and my router to redirect mail to the alternate server, should the default one not be reachable;

DNS is actually trivial. That's where multiple MX records come in to play. — This is actually more on the sending system honoring what DNS publishes than it is on the DNS server.

Aside: Were you talking about changing what DNS publishes dynamically based on the state of your email server? If so, there is a lot more involved with this, and considerably more gotchas / toe stubbers to deal with.

There are some networking tricks that you can do in some situations to swing the IP of your email server to another system. This assumes that they are on the same LAN.

 · VRRP is probably the simplest one.
 · Manually moving also works, but is less simple.
 · Scripting is automated manual.
 · Routing is more complex.
    · Involves multiple subnets
    · May involve dynamic routing protocols
    · Manual / scripting ....
 · NAT modification is, problematic

(b) Creating the alternate mail server to be as lightweight as possible. I'm not even sure if I need an S.M.T.P.\ server (postfix). Would courier-imap do the trick on its own (with courier-authlib and mysql) ?

You will need an SMTP server, or other tricks ~> hacks. Remember that you're receiving email from SMTP servers, so you need something that speaks SMTP to them.

Courier IMAP & authlib are not SMTP servers. I sincerely doubt that they could be made to do what you are wanting.

(c) Moving mail from the alternate server to the main server once the latter has regained consciousness.

SMTP has this down pat in spades.

This is actually what SMTP does, move email from system to system to system. You really are simply talking about conditionally adding another system to that list.

Hint: SMTP is the industry standard solution for what you're wanting to do, /including/ getting the email from the alternate server to the main server.

I realise this is a slightly different problem, and is not even necessarily _required_ for operation, although it's certainly a nice-to-have.

It's not really a different problem.

It is really required. Having the email on an alternate server without a way to get the email to the main mail server where all the clients are configured to access it is an untenable situation that is tantamount to not having the email that goes to the alternate server.

What do you think; is this at all possible ?

Yes, absolutely possible.

Has anyone here done anything like this before ?

Yes, absolutely been done before.

What you're asking for can all be hacked together using things other than SMTP. But it is very much that, a hack, cobbled together.

Or, you can use SMTP, which you're already using, and does exactly what you're asking to do.

Thanks in advance.

[1] https://wiki.junkemailfilter.com/index.php/Project_Tar



--
Grant. . . .
unix || die
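
The MX fallback and store-and-forward behaviour discussed in this message, as an added Python sketch that is not part of the original e-mail: it models how a well-behaved sender walks MX records, how a backup MX relays onward over SMTP, and how an always-deferring MX leaves mail queued at the sender. Host names and states are constructed; the rule that a relay only tries MX hosts preferred over itself is taken from RFC 5321 section 5.1, not from the thread.

```python
# Added illustration: MX selection and retry as seen from the sending side.
# All host names and up/down states are constructed for this example.
UP, DOWN, TEMPFAIL = "up", "down", "tempfail"   # TEMPFAIL = always answers 4xx

MX = [(10, "mail.example.org"), (20, "backup.example.org")]
MX_TARPIT = [(10, "mail.example.org"), (90, "tarpit.example.net")]


def attempt_delivery(mx_records, host_state):
    """One attempt by a well-behaved sender; lower preference is tried first.

    Returns ("delivered", host) or ("queued", None).
    """
    for pref, host in sorted(mx_records):
        if host_state.get(host, DOWN) == UP:
            return ("delivered", host)      # 250: that host now owns the message
        # DOWN (no connection) or TEMPFAIL (4xx): move on to the next MX
    return ("queued", None)                 # every MX failed: keep it, retry later


def deliver_with_retries(mx_records, timeline):
    """Replay attempts against successive host_state snapshots, one per retry."""
    for attempt, host_state in enumerate(timeline, start=1):
        outcome, host = attempt_delivery(mx_records, host_state)
        if outcome == "delivered":
            return attempt, host
    return None, None                       # still queued after the last snapshot


def onward_mx(mx_records, me):
    """MX list a relay uses for onward delivery: only hosts preferred over itself."""
    my_pref = min(p for p, h in mx_records if h == me)
    return [(p, h) for p, h in mx_records if p < my_pref]


if __name__ == "__main__":
    primary_down = {"mail.example.org": DOWN, "backup.example.org": UP}
    print(deliver_with_retries(MX, [primary_down]))          # backup accepts
    # The backup then behaves as an ordinary SMTP sender towards the primary.
    outage = [{"mail.example.org": DOWN}] * 2 + [{"mail.example.org": UP}]
    print(deliver_with_retries(onward_mx(MX, "backup.example.org"), outage))
    # With a deferring-only MX the message never leaves the original sender's queue.
    tar = [{"mail.example.org": DOWN, "tarpit.example.net": TEMPFAIL},
           {"mail.example.org": UP, "tarpit.example.net": TEMPFAIL}]
    print(deliver_with_retries(MX_TARPIT, tar))
```
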
