I am in the process of moving MTA/MS from a single OpenVZ server instance to instances replicated across multiple (initially two) servers.

This means I would have one virtual server running postgres, dovecot et al. and accepting inbound email, and a second offline copy (stopped?). The idea is that if the "master" instance goes down for any reason, the backup is brought online using the same IP address. Let's ignore ARP cache and routing issues, but the idea is that desktops would "invisibly" switch to the new mailserver with minimum loss of email.

What I am worried about is email arriving at the downed server not being delivered to the recipient for a long period while the master MTA/MS is down. Our user base is <10 users with <5 active at any time, but email is business critical and we have (for such a small user base) a lot of traffic (many mailing list subscriptions etc.). Note that outbound email delivery is likewise critical, but outbound traffic is so low the risk of held outbound email is less of a risk than losing important incoming client email.

Any suggestions would be welcome - to avoid a large thread feel free to email me direct and I will summarise back to the list if required.

TIA
Jacqui