fallback relay

M

michabbs

Member
May 5, 2020
113
14
23
I want to designate one node to take care of sending mails in case of temporary problems.
So I added this to main.cf template:
Code: 
[% IF dns.fqdn == 'my.other.node.com' -%]
smtp_fallback_relay = [node.responsible.for.sending.of.deferred.mails.com]:26
[%- END %]

The goal is: The 1st node tries to send an email to all applicable destination servers (i.e. "mx" or "a" servers) and if unsuccessful - it forwards it to another node for further delivery. Its seems to work. Do you think it may cause any problems?
 
Why do you want to send the mail to a fallback? or why are the chances better for the fallback_relay to get the mail delivered?

From a quick look in the postfix documentation I don't see why this should be a problem in theory - but have not actively tried it or ran something like it in production - so keep an eye on the logs!

I hope this helps!
 
Stoiko Ivanov said:
Why do you want to send the mail to a fallback?
Click to expand...
Because the node1 is physically in our office, and node2 is in remote site. We have 2 internet lines, but only one has static ip, and the other one is behind nat. In case of main line failure we still have connectivity to node2 via vpn, but are unable to deliver mails directly, because they would be refused by recipeints.
Stoiko Ivanov said:
or why are the chances better for the fallback_relay to get the mail delivered?
Click to expand...
...and node2 still has its static ip, so can deliver mails without problems.
At least that't the theory and my goal. :)
 
Hmm - in this setup I probably would relay all mails to your public remote site in all cases - makes the setup a bit clearer in my opinion
also in case your static-ip line fails - how does PMG detect this situation? - I can imagine that if it still tries to deliver mails through the nat/dynamic line you might get a 5xx error from a remote server (because they simply refuse mail from dynamic ips) and then there will be no delivery to the fallback relay.
If you have some kind of mechanism that prevents this (e.g. an outbound firewall policy rejecting connections to port 25 over the dynamic line) - the setup should work as you planned.

In any case should you run into issues - just post some logs here - maybe we'll find a sensible workaround
 
Stoiko Ivanov said:
Hmm - in this setup I probably would relay all mails to your public remote site in all cases - makes the setup a bit clearer in my opinion
Click to expand...
Then the remote site would become a single point of failure. In my setup both nodes can work independent and provide full in-and-out services even when the other one is down.
Stoiko Ivanov said:
also in case your static-ip line fails - how does PMG detect this situation?
Click to expand...
It does not have to detect anything special. Firewall blocks smtp via secondary line, so pmg simply gets "normal" connection refused.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back