Jun 07 2006

Postfix – setting up two outgoing mail servers

My ISP blocks outgoing port 25. This means that my mail server at home is unable to send mail directly to its destination. It must relay. From here at home, all my mail goes to one of my public mail servers out on the Internet. Because my ISP blocks outgoing connections to port 25, I use port 587, the submission port. The mail from my private mail server is sent to my public mail server via port 587. I first wrote about using port 587 back in February. That article mainly deals with mail coming into my home server. More to the point, at that time, I forwarded outgoing mail to just one server. This article shows how I configured Postfix to send outgoing mail to one of a group of servers.

Why bother?

Why do I want to send to one of a group, instead of just one? Redundancy. Yesterday there was a hardware failure. The mail server I was sending to is expected to be offline until later today. In the meantime, my outgoing mail was still sitting on my private mail server waiting to be sent.

Directing all outgoing email to one host

As previously documented, my public mail servers accept incoming mail on port 587. This is accomplished by first telling one Postfix server to listen on port 587, and then telling another Postfix server to send via port 587. I will concentrate on the latter as that part is relevant to our solution. The solution from the previous article involved this entry in my transport configuration file on the public mailserver:
myserver.example.org    smtp:[myserver.example.org]:587
This directive states that all mail for myserver.example.org should be sent via port 587. That is, the local mail server should connect to myserver.example.org on port 587. For our outgoing mail, we will use something very similar. On my private mail server at home, I use this directive:
*   smtp:[myhost.example.org]:587
The wildcard (*) indicates that all mail should be sent via smtp to myhost.example.org via port 587. This works and works well. But what if myhost.example.org is offline? Mail will queue up on your server and not be sent. Wouldn’t it be nice to specify an additional server? You could try adding another wildcard line, but that will fail. You cannot have duplicate entries in a postmap file. I know. I tried. I failed. Then I came up with another solution via DNS.

Create duplicate hosts in DNS

If you cannot have duplicate entries in the transport file, why not have duplicate entries in DNS? Sweet. In my DNS zone files, I created a new entry and gave it two IP addresses:
outgoing.example.org.    IN  A   ; mx1.example.org.
outgoing.example.org.    IN  A   ; mx2.example.org.
The strategy here is to tell Postfix to send outgoing mail to host outgoing.example.org. This hostname resolves to two different IP addresses, each of which corresponds to one of my two public mail servers. Thus, my private mail server will forward mail to one of these two servers. If one should be down, mail will go to the other server. The entry in the Postfix transport file now becomes:
*   smtp:[outgoing.example.org]:587
Nice. Simple. Effective. If I have additional outgoing mail servers, I make a DNS change. That mail server is still down, but at least my mail is flowing now. 🙂
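With two addresses behind one name, a dead relay no longer stops mail, which also means it can go unnoticed. The following Python check is an added example, not part of the original article: it parses a transport entry of the form shown above, resolves every IPv4 address behind the host, and confirms each one answers with an SMTP 220 greeting on the configured port. The function names (parse_transport_line, resolve_ipv4, probe, check_relays) are hypothetical.

```python
import re
import socket

# Matches a Postfix transport right-hand side such as smtp:[host]:587.
# The square brackets tell Postfix to skip MX lookups and use the host's
# address records directly, which is what the multiple-A-record setup relies on.
NEXTHOP_RE = re.compile(
    r"^(?P<transport>\w+):\[(?P<host>[^\]]+)\](?::(?P<port>\d+))?$"
)


def parse_transport_line(line):
    """Return (pattern, host, port) for a line like '*   smtp:[host]:587'."""
    pattern, nexthop = line.split(None, 1)
    m = NEXTHOP_RE.match(nexthop.strip())
    if m is None:
        raise ValueError("unsupported nexthop: %r" % nexthop)
    # Without an explicit port the smtp transport uses port 25.
    return pattern, m.group("host"), int(m.group("port") or 25)


def resolve_ipv4(host):
    """Every IPv4 address behind the name, de-duplicated and sorted."""
    infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def probe(addr, port, timeout=5.0):
    """Connect and report whether the server greets with an SMTP 220 banner."""
    try:
        with socket.create_connection((addr, port), timeout=timeout) as s:
            s.settimeout(timeout)
            banner = s.recv(512).decode("ascii", "replace").strip()
    except OSError as exc:
        # Refused, unreachable and timed-out relays all land here.
        return False, str(exc)
    return banner.startswith("220"), banner


def check_relays(line, resolver=resolve_ipv4, timeout=5.0):
    """Map each address behind the transport entry to (ok, detail)."""
    _, host, port = parse_transport_line(line)
    return {addr: probe(addr, port, timeout) for addr in resolver(host)}
```

Calling check_relays("*   smtp:[outgoing.example.org]:587") from a cron job and alerting on any False entry reports a failed relay while the other one is still carrying the mail.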