Sendmail - primary and secondary servers setup correctly?

Hi there!

I just want to make sure I've got my primary and secondary servers setup correctly.  Both are running Sendmail 8.12.11.

I host several domains.  For some, I deliver mail to the local server - others, I send to an email address.  I do all this on the primary server - mx-1.  For my sendmail.mc, I used the following settings:

FEATURE(`virtusertable', `hash /etc/mail/virtusertable')dnl
FEATURE(`nouucp', `reject')dnl
FEATURE(relay_entire_domain)
FEATURE(access_db)
FEATURE(`dnsbl', `relays.ordb.org', `550 Email rejected')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `550 Email rejected')dnl
FEATURE(`dnsbl', `bl.spamcop.net', `550 Email rejected')dnl
MAILER(local)dnl
MAILER(smtp)dnl
define(`confTO_IDENT',`0s')dnl
define(`confSMTP_LOGIN_MSG', `')dnl
define(`confCOPY_ERRORS_TO', `postmaster')dnl
define(`confPRIVACY_FLAGS', `goaway')dnl

I have all of the domains listed in my local-host-names and their target delivery in /etc/mail/virtusertable.  I use dnsbl and a rather long access db for known spammers.


Now, on mx-2 - the secondary server, all I want this to do is hold mail in the event that mx-1 is down.  So, that being said, I created this sendmail.mc:

FEATURE(`virtusertable', `hash /etc/mail/virtusertable')dnl
FEATURE(access_db)
FEATURE(`dnsbl', `relays.ordb.org', `550 Email rejected')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `550 Email rejected')dnl
FEATURE(`dnsbl', `bl.spamcop.net', `550 Email rejected')dnl
FEATURE(`nouucp', `reject')dnl
FEATURE(relay_entire_domain)
MAILER(local)dnl
MAILER(smtp)dnl
define(`confTO_IDENT',`0s')dnl
define(`confSMTP_LOGIN_MSG', `')dnl
define(`confCOPY_ERRORS_TO', `postmaster')dnl
define(`confPRIVACY_FLAGS', `goaway')dnl

Once again, I use the dnsbl and access method to stop spam.  I listed all of the domains only in /etc/mail/relay-domains - and that is it.

All tests I can think of seem to work.  If I turn off mx-1 and send mail to any of the domains, it holds up on mx-2 and then when mx-1 comes back, it is delivered.  So, it looks like it's working.

However, I thought I'd check with the experts here to see if I am missing anything or any possible issues with this config.

Thanks in advance!

- Peter
pferriganAsked:
Who is Participating?
 
jlevieConnect With a Mentor Commented:
Looks okay to me and you've proven that it works.

Note that you could "sync" the virtusertable and local-host-names between the two servers. That would allow mail forwarded to other than the primary mail server to be delivered directly if the primary is down. Mail to user acounts on the primary would simply be held in queue until the primary is back on line.
0
 
pferriganAuthor Commented:
Thanks for the suggestion.  I will do that.

Have a good one!

0
 
jetxCommented:
OMG man your DNSBL entry ROCKS!!!! Its stopping the rumplestiltskin attacks on my server
0
 
pferriganAuthor Commented:
Good!

I've been using it for about a year now - Really cut down on spam coming in.

Glad to hear it's working for you too!

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.