Re: SMTP failover

From: Bill Vermillion (bv_at_wjv.comREMOVE)
Date: 01/31/04

  • Next message: Brian K. White: "Re: No longer supporting Unixware / Open Server" 
    Date: Sat, 31 Jan 2004 04:15:00 GMT

    In article <2GBSb.146250$5V2.779301@attbi_s53>,
    Joe Dunning <joedunning1234_removethis@hotmail.com> wrote:
    >On Fri, 30 Jan 2004 18:55:01 GMT, Bill Vermillion <bv@wjv.comREMOVE> wrote:
    >>In article <bvdi20$699$1@newsread.albacom.net>,
    >>Roberto Zini <rob@robnothere.com> wrote:
    >>>Dipen wrote:
    >>>> Hi,
    >>
    >>>> Does anyone know how to failover an SMTP server (standard sendmail
    >>>> SMTP server) on Linux?
    >>
    >>>> Basically, we have 2 physically servers both acting as SMTP servers.
    >>>> Our email points to the ip address on server #1. If server #1 dies, is
    >>>> there any way we can automatically failover to server #2?
    >>
    >>>> Many Thanks in advance!
    >>>> Dipen
    >>
    >>>Dunno if you can do it via the MTA but you can by using DNS.
    >>
    >>>AFAIK, you can have multiple MX records for a given domani; each
    >>>record may have a priority which tells the preferred server.

    >>>When one is unavailable, the remote MTA will switch to the second
    >>>one in the priority list.

    >>Just be sure you have the second machine set to accept mail for
    >>that domain, otherwise all you will get are error messages
    >>regarding relaying forbidden.

    >Bill, everything you say is true, but I would like to add one more
    >comment. Many MTA's (and especially spammers) don't respect MX
    >priorities.

    If mail is directed to a specific mailserver then that is where it
    will go. But it it mail@domain.com it should go to MX server for
    that domain. And if the first server doesn't respond
    appropriately - such as being loaded down - the data is supposed to
    go to the second MX. I only used sendmail so I can't speak about
    other MTAs. And if sendmail gets a flood [as I have had at times]
    sendmail will stop different items until it recovers. Worst case
    when system load gets high it wont even accept mail and that's when
    the secondary takes over.

    >I've even seen a case where someone's MTA, while sending mail to
    >my domain used the lowest priority MX (out of 3, while the other
    >2 MX machines were running) and bounced the mail, because the
    >backup MX refused the mail with a 4xx (defer) message.

    It sounds like one of the machines was overloaded.

    >So, if you put up a backup MX, beter make sure it works and can handle
    >the traffic.

    I've not had a lot of problems, but I have one domain name that is
    a major spam attractant even though it only has 3 valid mail
    addresses.

    It got so bad on that domain that I made a spare machine the only
    MX entity for that domain. I then filter for the three valid
    addresses - with about 100 emails maximum a day, and toss the rest
    into /dev/null. For the past 3 weeks I'm dumping about 250,000
    messages/day to /dev/null just for that domain.

    We actually own that domain [my partner got it years ago] and the
    name value is so strong it would typicallly come in a #1 or #2 on
    google with no advertising or anyting just to get it up there. So
    that's why I can afford to dedicate a machine just to handling it's
    bizarre MX loads.

    And I'm doing DNS and secondary MX for client who is having load
    problems, and this AM I bounded 550 emails to him to look at as
    they came to the secondary MX.

    I have found that using the virutal user table to accept only valid
    names, and then wildcard all the rest to /dev/null instead of the
    'no user at this site' type message is more efficient. The days of
    politely rejecting non-deliverable is over for me. I just toss
    them away.

    As to load - before I set up one machine that does MX only for that
    domain, I tried to get to the main mailserver and could not ssh in
    for about 15 minutes. The spam load had skyrocketed, and only when
    sendmail stopped accepting because of the high load and recovering
    after running out of buffers did I get back in.

    I used FreeBSDs for those and I'm amazed at how well they recover.
    They will appear to be dead when they get slammed, but you can wait
    them out, and in 10-20 minute you can get back in.

    The last 6 months have gotten worse by the day and about 3 weeks
    ago the volume just kept racheting up. Makes me want to go back to
    paper and carbons :-)

    Bill 

    -- 
Bill Vermillion - bv @ wjv . com
  • Next message: Brian K. White: "Re: No longer supporting Unixware / Open Server"

    Relevant Pages

    • Re: sendmail upgrade is causing high load
      ... two and the system load tops out. ... I restarted sendmail, and within a minute the load avg. ... pids plus the demand due to the down-time for the upgrade. ...
      (comp.mail.sendmail)
    • Re: FBSD 6.2 Xeon 2.4ghz CPU and high load
      ... The required software was upgraded as well which consists of MailScanner and Sendmail. ... The issue I am seeing is that my server load, under the same traffic load, has increased 4 times or more. ... This would cause exactly the sort of symptoms you're ...
      (freebsd-questions)
    • FBSD 6.2 Xeon 2.4ghz CPU and high load
      ... The required software was upgraded as well which consists of MailScanner and Sendmail. ... The issue I am seeing is that my server load, under the same traffic load, has increased 4 times or more. ... I am thinking I have missed something obvious and I need to make a sysctl change to get the system working properly. ...
      (freebsd-questions)
    • SUMMARY: sendmail question
      ... The default load factor for queueing messages in ... and restarted sendmail. ... > delivery at a later time). ...
      (Tru64-UNIX-Managers)