View Full Version : [Cenario] Backup MX server that lets you read/send emails

06-23-2011, 12:59 PM
Hi to everyone!

I'd like to share a solution we are using and thanks to help from IceWarp, adjusting and adding some small extra features to the product, it's now possible to be used.

Of course, there are no guarantees to this whatsover and this is not an official IceWarp procedure, rather some tips from our experiences. If interested, test well before putting in production...

The idea is to be able to read/send emails via a secondary MX server, that sends all the mail it received to the primary server, but still it lets users read/send emails on it when the primary is down. This involves duplicating databases, setting up secondary MX records and creating filters. Optionally, you can have the primary server also send a copy of all email it receives to the secondary server, so that users have the last x days of email received in the primary server also on the backup server, which they can effectively use.

So it your primary server is offline, guide users to use the secondary MX backup server: webmail2.yourdomain.com. They can even setup their email clients also with an extra email account pointing to the backup server. They would receive duplicate emails in that account, but that's not a big deal as they have separate folders for each account in their email client by using IMAP.

It's important for both icewarps to have antispam, since secondary MX can be one more point for spams to come in.

So how does it work? Consider 2 servers, primary MX and secondary MX appropriately defined as such in DNS. - MX 20 - MX 30

1) Duplicate Antispam, GroupWare and Directory Cache DB's (IceWarp system backup can do this in Systems/Tools/System backup) daily to the secondary MX server, except for the accounts database. I use a cost effective share that is faster then IceWarp's feature, called Mysqlauto backup (http://www.swordsky.com/pro_edition.html).

So on the backup icewarp, set it to use this copy of all DB's that is done daily/late night.

Later on you will understand why the backup server cannot have any type of forwarding to external recipients in the accounts, nor mailing lists with external recipients. For that reason, our goal is to make a copy of the accounts, without any type of forwarder. For this, I keep the backup server using file system and use batch file in primary server and secondary server to sync the userbase. I had to find a way to copy userbase without copying forwarders, etc. and keep it synced, that's why I deleted domain and users.cfg, to recreate users in file system without deleting their emails... If I used tool, for example, to delete accounts, it would delete the mailstore also.

Here are the batch files:

1.1) batch file primary server

del accounts.txt
del domains.txt
tool export domain * > domains.txt
tool modify system C_Accounts_Policies_Pass_AllowAdminPass 1
tool -filter="u_type like '0'" export account *@* u_password u_alias u_mailboxpath > accounts.txt
copy domains.txt o:\icewarp /Y
copy accounts.txt o:\icewarp /Y
tool modify system C_Accounts_Policies_Pass_AllowAdminPass 0

1.2) batch file backup server

net stop icewarpsmtp
del domains.cfg /Q /S
del users.cfg /Q /S
del domain.cfg /Q /S
tool modify system C_Accounts_Policies_Pass_AllowAdminPass 1
tool modify system C_Accounts_Policies_Pass_Enable 0
tool import domain domains.txt
tool import account accouts.txt u_password u_alias u_mailboxpath
net start icewarpsmtp
tool modify system C_Accounts_Policies_Pass_AllowAdminPass 0
tool modify domain * d_numberlimit 200
tool modify domain * D_UnknownUsersType 1
tool modify system C_Accounts_Policies_Pass_Enable 1

NOTE: I found that the ideal is to set domains to catch all (no need to specify a catch all email) to avoid loops with accounts that don't exist. For example, primary server sends a msg that it received to account joe@domain.com. But joe@domain.com doesn't exist in the backup icewarp server. By setting domain to catch all, you avoid rejection errors in these cases.

Also it will work ok if you have backup domains in primary server, as emails destined to a certain IP defined for backup domain are sent just once, by the primary server only. This does not, however, offer redundancy for customers with backup domains. But its better then setting domains as backup domain in backup server. If you do so, the system that receives mail from backup domains would get dupe emails (imagine primary server receives and sends to IP in bkp domain and ALSO sends a copy to backup server which also sends a copy to system specified in VALUE of bkp domain, generating dupe outbound).

2) Note: this requires icewarp 10.3.2+

Create a content filter such as this one:

Where Sender's IP address matches NOT
Stop processing more rules
and Forward to %%Forward_local_recipients

What this magical parameter "forward local recipients" does is forward all received emails to some other server (in this case to the secondary server). So, if the email doesn't come from the secondary server (to avoid a loop), forward it to the secondary server via SMTP.

NOTE: this is optional and over complicates it a bit. Only if you want email from primary server to be copied to secondary server. More important is, shown below, to copy from the secondary MX to the primary, so the primary always has all e-mails.

Just FYI There's also a forward %Forward_domain_recipients%% which you can use on domain level if you prefer.

3) On the secondary MX box, same thing, but forwarding all mail to the primary server.

Where Sender's IP address matches NOT
Stop processing more rules
and Forward to %%Forward_local_recipients

4) Do not put 1 server's IP in the other's Trusted IPs, so that anti-spam and other methods work between the servers. You can and I recommend, however, to put each server's IP on the other's servers bypasses (intrusion prevention, rDNS/domain does not exist/DNSBL - in mail/security/DNS tab, Greylisting).

This will also help to make emails that come from 1 server be processed by the antispam of the other server.

5) Rule of thumb. Don't create mailing lists (at least not with external email addresses) nor setup accounts to forward/copy emails outbound. The problem in doing this is duplication outbound. If an email comes from primary server (which copies all emails sent to local recipients to the backup server) or even if some email comes from the outside world to the secondary MX server (which sends all mail to local accounts to the primary server), both, primary and secondary send it out. That's why you shouldnt have copies/forwarders/lists with external recipients in the backup server.

What I did do however is a content filter on the backup server that forwards all email sent out via backup server to the sender account. This way, the email is received in the primary server and sent to anyone possibly set to receive copies of incoming mail (forwarders).

So 2 content filters in this order (and I put them before the clone filter initially mentioned):

Where Recipient is remote
Edit message header -> add header Subject: with value: [Sent from backup] - %%subject%%


Where Recipient is remote
Forward to @
copy to audit@domain.com

6) You might want to avoid bounce backs between the servers. For example, for some reason mail can't be sent from primary to secondary server and users can get really confused with bunce back emails, thinking that their emails were not sent, when actually they were, just the copy to the backup server for some reason wasn't sent...

So you can create a file called smtpbouncebackbypass.dat in icewarp/config of the primary server and inside it, specify the secondary server's IP, as such:


This is a bypass for NDRs. Primary server wont generate any NDR to its users that have been caused via communication with the secondary server.

* Known issue

- SPF soft fail in spamassassin might trigger wrongly and contribute to false positive, since emails are sent between our 2 servers and the from header can contain some external domain that has SPF with other outgoing IP... and I dont want to put each server on the other's antispam bypass, as my idea is for antispam to run on both servers (I even setup backup server to label msgs as "Spam - Backup server"). So usually spams get tagged by both servers.

this will be solved when IceWarp lets us check SPF via content filters (so I can create a filter that excludes the primary/backup servers negating them). I created a filter to overcome this issue for now, if interested, please PM me. Basically I check if the IP is that of the backup server and if SPF_SOFTFAIL=5.0 (set to high), I add score -5.

* Tip

- This setup has worked really nice, Ive used it to copy from secndary to primary only, not the contray.

One important suggestion if you have SMTP overflows.

One day for example antispam processing was slow on the backup server and connections were staying open for long, using too many connections. What I like to do, at least as a temporary relief in such situations, so I can work through them more calmly is setup windows firewall on the backup server and keep a rule for SMTP IN and OUT to block communication to my mail server. This way I can control mail flow, its really useful.

All the best,