Hi, I have the following config: multi-server installation with two servers. When I was configuring the SSL certificates for the services, I followed this tutorial as support for the Postfix configuration: https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ Now, on the postfix section of this tutorial there is nothing about enabling smtps (465) & smtp-submission (587) I did it by editing master.cf under /etc/postfix and removing the # on the following lines: Code: submission inet n - n - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no -o smtpd_client_restrictions=$mua_client_restrictions -o smtpd_helo_restrictions=$mua_helo_restrictions -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING smtps inet n - n - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_recipient=no -o smtpd_client_restrictions=$mua_client_restrictions -o smtpd_helo_restrictions=$mua_helo_restrictions -o smtpd_sender_restrictions=$mua_sender_restrictions -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING Which is present as default under the master.cf Now, the parameters $mua_client_restrictions, $mua_helo_restrictions, $mua_sender_restrictions are not set. I am not sure of exactly what to set here, can someone give me a hint? Or should I leave this parameters here and simply set them to something? Also, is there any tutorial i can look at about turning one ISPConfig node into a smtp backup server? Cheers!
For the postfix settings to change in master.cf, see the perfect server guide for your so version. If you mean a backup mx, I don't know of any tutorial offhand (and you should have a good answer to the question: why are you setting up a backup mx anyways? ), though maybe someone else does. A backup mx host needs all the same info and filtering as the primary, so by the time you have that setup, you might a well just run dovecot's dsync and have redundant mail server's; unless maybe server resources are inadequate to do so on the second server.
Hello, About your multi-server setup, do you have : A mirrorred configuration Or A separated services configuration ?
Hi Jesse and electronic_nc, thanks for both your answers. So, Jesse, mail servers isn't my top game. I was simply thinking of a backup email server that could hold our emails if the primary mx fails, and I don't know what is dovecot's solutions for this. @electronic_nc, I am using separate servers configuration. Cheers
If you relly now what you are doing, you can set a backup-mx. Even if your MX is down, you won't loose any "new" mail for a few days.
@florian030 yeah well I am sure I can do it just that mail servers ain't my top game, so I was trying to see if you guys could help me with some tutorial or something, but I'll find my way. Cheers
If your mail server is down, you don't lose mail that would be delivered at that time, it simply stays in queue at the sender's side. Now that does leave the duration it will stay queued before being returned to the sender as undeliverable up to the various senders, but it is normally a few days at least. I believe that is what @florian030 meant - ie. you probably don't need a backup mx at all. I don't use them; if a primary mail server is down for long enough that a backup mx server will keep you from losing mail (ie. for more than a few days), that is a much bigger problem.