Kensuke Kousaka's Blog

Notes for Developing Software, Service.

How to Set Up a Redundant Postfix E-mail Server

If you run your e-mail system on a single server without a redundant setup, you risk being unable to receive or send e-mail.

This article describes how to configure a redundant e-mail server to avoid that problem.

Run the following command to install Postfix on the secondary server.

# pacman -S postfix

After installation, begin the setup.

Edit /etc/postfix/main.cf as follows.

myhostname = secondary.hoge.net
mydomain = hoge.net
myorigin = $mydomain

inet_interfaces = all

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

relay_domains = hoge.net

transport_maps = hash:/etc/postfix/transport
alias_maps = hash:/etc/postfix/aliases
alias_database = $alias_maps
smtpd_banner = $myhostname ESMTP unknown

disable_vrfy_command = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/relay-password
smtp_sasl_security_options = noanonymous
smtpd_helo_required = yes
smtp_tls_security_level = may

Append the following line to /etc/postfix/transport.

hoge.net  smtp:[primary.hoge.net]:587

Wrapping the hostname in [] prevents a DNS MX record lookup when transferring e-mail. After editing the transport file, refresh it by running the following command.

# postmap /etc/postfix/transport

Append the following line to /etc/postfix/aliases.

user: user@hoge.net

Replace user with an e-mail account registered on the primary e-mail server. After editing the aliases file, refresh it by running the following commands.

# postalias /etc/postfix/aliases
# newaliases

Create a password configuration file for accessing the e-mail account on the primary server. This is needed because the primary server's e-mail account uses SMTP Auth. Create /etc/postfix/relay-password as root and add the following line.

[primary.hoge.net]:587 user:Input user's password

After editing, change the file's permissions so that it cannot be read or edited by anyone other than root.

# chmod 600 /etc/postfix/relay-password

Refresh it by running the following command.

# postmap /etc/postfix/relay-password

The redundant setup is now configured. Open the Postfix-related ports (e.g. 465, 587) on the firewall. Also add an MX record for secondary.hoge.net to DNS with a greater priority value than the primary server's.

After that, run the following commands to start Postfix and have it start automatically at system startup.

# systemctl start postfix
# systemctl enable postfix

The redundancy setup is complete. When the primary server is down, received e-mail is held on the secondary server, which retries delivery to the primary server for 5 days. This period can be adjusted to whatever value you prefer.
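The relay credential is the sensitive part of this setup: with smtp_tls_security_level = may and smtp_sasl_security_options = noanonymous, Postfix may authenticate to the primary server with a plaintext mechanism over an unencrypted session if STARTTLS is not offered. The following script is an added example, not part of the original article, that checks the password file mode and that SASL/TLS combination; the function names cf_value and audit_relay are hypothetical, and stat -c assumes GNU coreutils.

```shell
#!/bin/sh
# Added example (not from the original article): audit the relay settings
# of the secondary server. All function names here are hypothetical.

# Print a main.cf parameter's value with whitespace removed.
# The last assignment wins, as in Postfix. $1 = main.cf, $2 = parameter.
cf_value() {
    sed -n "s/^$2[[:space:]]*=//p" "$1" | tail -n 1 | tr -d '[:space:]'
}

# Print one line per finding. Returns 0 when clean, 1 otherwise.
# $1 = main.cf, $2 = SASL password file (source of the postmap table).
audit_relay() {
    cf=$1; pw=$2; rc=0

    # The file stores a cleartext password: owner-only access.
    mode=$(stat -c %a "$pw" 2>/dev/null) || mode=missing
    case $mode in
        600|400) ;;
        *) echo "PERMS $pw mode=$mode want=600"; rc=1 ;;
    esac

    # SASL over a session that may fall back to cleartext: with an
    # opportunistic TLS level, PLAIN/LOGIN can cross the wire unencrypted
    # unless noplaintext is set (it is in Postfix's default value).
    auth=$(cf_value "$cf" smtp_sasl_auth_enable)
    level=$(cf_value "$cf" smtp_tls_security_level)
    opts=$(cf_value "$cf" smtp_sasl_security_options)
    [ -n "$opts" ] || opts=noplaintext,noanonymous   # Postfix default
    if [ "$auth" = yes ]; then
        case $level in
            encrypt|dane-only|fingerprint|verify|secure) ;;  # TLS mandatory
            *) case $opts in
                   *noplaintext*) ;;
                   *) echo "CLEARTEXT_AUTH level=${level:-none} opts=$opts"; rc=1 ;;
               esac ;;
        esac
    fi
    return $rc
}

# Usage: sh audit.sh /etc/postfix/main.cf /etc/postfix/relay-password
if [ $# -eq 2 ]; then audit_relay "$1" "$2"; fi
```

Run against this article's main.cf, the script reports CLEARTEXT_AUTH; setting smtp_tls_security_level = encrypt on the secondary server clears the finding, provided the primary server offers STARTTLS on port 587.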