HOWTO external mailserver including backup-MX
Modification of DNS templates:
/etc/imscp/bind/parts/db_e.tpl
$TTL 12H
$ORIGIN {DMN_NAME}.
@ IN SOA ns1.{DMN_NAME}. postmaster.{DMN_NAME}. (
; dmn [{DMN_NAME}] timestamp entry BEGIN.
	{TIMESTAMP} ; Serial
; dmn [{DMN_NAME}] timestamp entry END.
	8H ; Refresh
	2H ; Retry
	7D ; Expire
	1D ; Minimum TTL
)
; ns DECLARATION SECTION BEGIN
	IN NS ns{NS_NUMBER}.{DMN_NAME}.
; ns DECLARATION SECTION END
; IN MX 10 mail.{DMN_NAME}. ;see next line
	IN MX 20 mx20.{DMN_NAME}.
{DMN_NAME}. IN {IP_TYPE} {DMN_IP}
www IN {IP_TYPE} {DMN_IP}
{DMN_NAME}. IN TXT "v=spf1 a mx {TXT_DMN_IP_TYPE}:{DMN_IP} {TXT_SERVER_IP_TYPE}:{BASE_SERVER_IP} ~all"
localhost IN A 127.0.0.1
;mail IN {IP_TYPE} {DMN_IP} ;see next line
mx20 IN {IP_TYPE} {DMN_IP}
; ns A SECTION BEGIN
ns{NS_NUMBER} IN {NS_IP_TYPE} {NS_IP}
; ns A SECTION END
; CNAME for mail transfer
imap IN CNAME mail
pop IN CNAME mail
pop3 IN CNAME mail
relay IN CNAME mail
smtp IN CNAME mail
; CNAME for web transfer
ftp IN CNAME www
; sub [{SUB_NAME}] entry BEGIN.
; sub [{SUB_NAME}] entry END.
; dns [{MANUAL_DNS_ID}] entry BEGIN.
; dns [{MANUAL_DNS_ID}] entry END.
; ctm domain als entries BEGIN.
; ctm domain als entries END.
/etc/imscp/bind/parts/db_master_e.tpl
$TTL 12H
$ORIGIN {DMN_NAME}.
@ IN SOA ns1.{DMN_NAME}. postmaster.{DMN_NAME}. (
; dmn [{DMN_NAME}] timestamp entry BEGIN.
	{TIMESTAMP} ; Serial
; dmn [{DMN_NAME}] timestamp entry END.
	8H ; Refresh
	15M ; Retry
	4W ; Expire
	3H ; Minimum TTL
)
	IN NS ns1.{DMN_NAME}.
	IN NS ns2.{DMN_NAME}.
; IN MX 10 mail.{DMN_NAME}. ;see next line
	IN MX 20 mx20.{DMN_NAME}.
{DMN_NAME}. IN A {DMN_IP}
www IN A {DMN_IP}
{DMN_NAME}. IN TXT "v=spf1 a mx ip4:{DMN_IP} ip4:{BASE_SERVER_IP} ~all"
localhost IN A 127.0.0.1
;mail IN A {DMN_IP} ;see next line
mx20 IN A {DMN_IP}
ns1 IN A {BASE_SERVER_IP}
ns2 IN A {SECONDARY_DNS_IP}
; CNAME for mail transfer
imap IN CNAME mail
pop IN CNAME mail
pop3 IN CNAME mail
relay IN CNAME mail
smtp IN CNAME mail
; CNAME for web transfer
ftp IN CNAME www
; sub [{SUB_NAME}] entry BEGIN.
; sub [{SUB_NAME}] entry END.
; ctm domain als entries BEGIN.
; ctm domain als entries END.
We don't need to modify already existing domains in the bind cache; i-MSCP will update the zones automatically on its next run.
Now we need to add two custom DNS zone records in i-MSCP (login/change to customer / manage domains) for the domain that is meant to get a backup MX with an external mailserver:
Domain: domain.tld
Type: A
Class: IN
Name: mx10.domain.tld.
IP-address: IP of the external Mailserver
Domain: domain.tld
Type: MX
Class: IN
Priority: 10
Target host: mx10.domain.tld.
Please don't forget the trailing dot in the name and target host fields!
In case the external mailserver is offline, mails will be delivered to the backup-MX. Now we will configure postfix to relay those mails to the external server and retry until it accepts delivery again.
Edit /etc/postfix/main.cf and add the line:
relay_domains = hash:/etc/postfix/relay_domains
Apply the same modification to /etc/imscp/postfix/working/main.cf
Remove or comment out all domains with an external mailserver from /etc/postfix/imscp/domains
Apply the same change to /etc/imscp/postfix/working/domains
Create a new file /etc/postfix/relay_domains
Add all domains with an external mailserver to this file with the following syntax:
domain1.tld OK
domain2.tld OK
domain3.tld OK
Make the changes in "virtual domains map" and the new "relay domains map" known to postfix:
postmap /etc/postfix/imscp/domains
postmap /etc/postfix/relay_domains
/etc/init.d/postfix restart
Now our hosting server acts as backup MX: it receives mail for local mailboxes and relays all mail that has no local mailbox via the MX record. To avoid relaying spam, postfix will only relay mail for domains listed in the relay domains map.
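A consistency check for the two maps edited above, as an added example that is not part of the original howto: it reports every domain that is still active in both the virtual domains map and the relay domains map, which the "remove or comment out" step is meant to prevent. The function names and the sample data are assumptions made for this example; the default paths are the ones used on this page.

```shell
#!/bin/sh
# Added example (not from the original howto).

# Print the active lookup keys of a Postfix map source file:
# skip blank lines, '#' comments and continuation lines (leading
# whitespace), keep the first field, lower-cased and de-duplicated.
active_keys() {
    awk '/^[ \t]*$/ || /^#/ || /^[ \t]/ { next }
         { print tolower($1) }' "$1" | sort -u
}

# Print domains that are active in BOTH maps.
# Returns 0 if there are none, 1 if any overlap, 2 on I/O problems.
relay_overlap() {
    relay_file=${1:-/etc/postfix/relay_domains}
    virtual_file=${2:-/etc/postfix/imscp/domains}
    [ -r "$relay_file" ] && [ -r "$virtual_file" ] || return 2
    rk=$(mktemp) && vk=$(mktemp) || return 2
    active_keys "$relay_file" > "$rk"
    active_keys "$virtual_file" > "$vk"
    both=$(comm -12 "$rk" "$vk")
    rm -f "$rk" "$vk"
    [ -z "$both" ] && return 0
    printf '%s\n' "$both"
    return 1
}

# Constructed sample data (not taken from a real server); the value
# column "placeholder" stands in for whatever the real map contains.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' 'domain1.tld OK' '#domain2.tld OK' 'domain3.tld OK' \
        > "$d/relay_domains"
    printf '%s\n' '#domain1.tld placeholder' 'domain2.tld placeholder' \
        'Domain3.TLD placeholder' > "$d/domains"
    rc=0
    relay_overlap "$d/relay_domains" "$d/domains" || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Calling relay_overlap without arguments checks the live files named in this howto; run it before postmap and the postfix restart.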
Even if you manage your DNS zones on an external nameserver, the changes to DNS templates are important, because postfix resolves the MX record locally.
So if you manage your domains externally, there is an additional step: you need to add the following records to the zone on your external nameserver.
mx10. IN A <IP of external mailserver>
mx20. IN A <IP of hostingserver>
IN MX 10 mx10.
IN MX 20 mx20.
Running a mailserver on dyndns is not very common and really not recommended, but you can still do so. In this case you don't need the A record in the DNS zone in i-MSCP.
Add a custom DNS zone record in i-MSCP (login/change to customer / manage domains):
Domain: domain.tld
Type: MX
Class: IN
Priority: 10
Target host: meinhost.dyndns.org.
Don't forget the trailing dot here either.
With an external nameserver:
mx20. IN A <IP of hostingserver>
IN MX 10 meinhost.dyndns.org.
IN MX 20 mx20.
With a mailserver on dyndns you can expect that the backup MX will more often have to relay mails whose direct delivery failed.
Please don't copy the DNS templates from this howto; incorporate the modifications manually, because DNS templates can differ depending on the i-MSCP version.
I also made a simple script to add/remove domains to the postfix virtual domains map and relay domains map, use it at your own risk.
Usage: bash ./script.sh domain.tld enable|disable
#!/bin/bash
# mxrelay.sh
DIR="/etc/postfix"
ARGS=("$@")
# i-MSCP maps in which the domain's entries are commented out / restored
MAPS=("$DIR/imscp/aliases" "$DIR/imscp/domains" "$DIR/imscp/mailboxes" "$DIR/imscp/sender-access" "$DIR/imscp/transport")
SYNTAX="\n
╔══════════════════════════════════════════════════════════════════════╗\n
║\tPlease note the syntax\t\t\t\t\t\t║\n
║\tfirst argument the domain, second argument enable or disable\t║\n
║\tbash ./mxrelay.sh domain.tld enable|disable\t\t\t║\n
╚══════════════════════════════════════════════════════════════════════╝\n"

usage() {
    # $SYNTAX is deliberately unquoted: word splitting folds the literal
    # line breaks, the \n escapes supply the real ones.
    echo -e $SYNTAX
    # Stop here so that no map is rebuilt and postfix is not restarted
    exit 1
}

[ $# -eq 2 ] || usage

# Escape regex metacharacters so the dots in the domain match literally
DOMAIN=$(printf '%s' "${ARGS[0]}" | sed 's/[][\.*^$/]/\\&/g')

if [ "${ARGS[1]}" = "enable" ]
then
    # Comment out the lines that start with the domain in the i-MSCP maps
    sed -i "/^${DOMAIN}/s/^\(.*\)/#\1/g" "${MAPS[@]}"
    # Un-comment an existing relay_domains entry for exactly this domain,
    # or append a new one
    RC=$(grep -c "^ *#* *${DOMAIN}[[:space:]]" "$DIR/relay_domains")
    if [ "$RC" != 0 ]
    then sed -i "/^ *#* *${DOMAIN}[[:space:]]/s/^ *#* *\(.*\)/\1/" "$DIR/relay_domains"
    else echo "${ARGS[0]} OK" >> "$DIR/relay_domains"
    fi
    echo "${ARGS[0]} aktiviert"
elif [ "${ARGS[1]}" = "disable" ]
then
    # Un-comment every line that contains the domain in the i-MSCP maps
    sed -i "/${DOMAIN}/s/^ *#* *\(.*\)/\1/" "${MAPS[@]}"
    # Comment out the entry for this domain in relay_domains
    sed -i "/^${DOMAIN}[[:space:]]/s/^\(.*\)/#\1/g" "$DIR/relay_domains"
    echo "${ARGS[0]} deaktiviert"
else
    usage
fi

# Rebuild the lookup tables and restart postfix
for MAP in "${MAPS[@]}" "$DIR/relay_domains"
do postmap "$MAP"
done
# relay_recipients is not created in this howto; rebuild it only if present
[ -f "$DIR/relay_recipients" ] && postmap "$DIR/relay_recipients"
/etc/init.d/postfix restart
Suggestions are welcome. Use the howto and the script at your own risk, I am not responsible for any damage.