Type | How To |
Version | 1.1.2 |
Tested on | SME 5.0, 5.12, 5.5, 5.6, 6.0, 6.0.1, 7.0, 7.1, 7.2, 7.3 and 7.3-utf-8 |
Mail travels across the Internet using a dedicated protocol: SMTP, the Simple Mail Transfer Protocol.
This protocol, as its name says, is 'fairly' simple. When you send a mail, the first SMTP server
starts by analyzing the recipient's e-mail address. Look at this e-mail address:
john.smith@smithnet.com
The part john.smith, to the left of the @ sign, is of no interest to the sending server. Compared with 'snail mail', this is the post office box of Mister John Smith. This part is used only by the destination SMTP server.
By contrast, the right-hand part of the address, smithnet.com, is of great interest: still compared with snail mail, this is the address of the final post office.
In fact, this part of the address is a name, generally speaking a domain name. The SMTP server must now find the valid SMTP server(s) for the domain smithnet.com. It does this by asking its DNS server.
In plain English, the SMTP server asks its DNS server: "Could you please tell me which are the SMTP
servers for the domain smithnet.com?"
And the DNS server returns a list of server names, with one more piece of information: the priority order of the receiving SMTP servers.
This information is stored in specific DNS entries, named MX records (for Mail eXchanger).
You can check this kind of information like this, for instance:
    # host -t mx cw.com
    cw.com mail is handled by 20 mail14.messagelabs.com.
    cw.com mail is handled by 10 mail49.messagelabs.com.
Now the sending SMTP server knows which servers can accept the mail. It then tries to send to the server with the lowest priority value, also known as the 'Primary MX server' or 'Primary SMTP server'.
But sometimes this Primary MX server cannot be reached.
This is why we can define more than one server for a domain.
Note: today, many 'big' domains have more than one 'primary server'. In this case, the connection is made on a random basis. This distributes the load and gives better scalability.
We have to set up two parts:
Needless to say, you need another SMTP admin willing to do this with you :-)
This page was written with my favorite Linux distro in mind: SME Server. But, with some adjustments, this should work on any server using QMAIL as its SMTP service, except for the third method, which uses an RPM that is very SME-specific.
You also need:
From here on, some assumptions hold for all the samples:
You are working with another admin on another domain, and you each plan to be MX-Backup for the other.
There are three installation methods, for different versions of SME. Choose your installation, and then continue to Test and Validation.
    # tar xvfP MXBackupDomains.tar
    /etc/e-smith/templates-custom/var/spool/smtpd/etc/smtpd_check_rules/61MXBackupDomains
    /etc/MXBackupDomains
You now have two new files on your system:
    # /sbin/e-smith/expand-template /var/spool/smtpd/etc/smtpd_check_rules
    # This command gives no output if all is working well.

    -------------- <snip> ----------------------
    # list of domains for which we are acting as MX backup
    # Receiving mail for the domain smithnet.com is allowed on this system
    allow:ALL:ALL:*.smithnet.com *@smithnet.com
    -------------- </snip> -----------------------
OK, I must admit: I really did the minimum for these versions (but see Method three for SME 6 and later!)
You need to do nearly everything by hand (BTW, it's time to change to SME 6 :-) )
    # tar xvfP MXBackupDomains55.tar
    /etc/e-smith/templates-custom/var/qmail/control/rcpthosts/20QandD

    # 20QandD (Quick and Dirty...)
    # This file adds, Quick and Dirty, the list of domains we act as MX-Backup for
    # to the list of QMAIL allowed domains
    # Pascal Schirrmann Sep 30, 2002
    # Syntax : You need two lines per approved domain
    # domain.ntlg
    # .domain.ntlg
    # First line allows mail like : bar@foe.com
    # Second line allows mail like : bar@server.foe.com
    #
    # Domains allowed for MX-Backup
    smithnet.com
    .smithnet.com

    # /sbin/e-smith/expand-template /var/qmail/control/rcpthosts
This needs to be tested, but I think that if you edit the rcpthosts file according to the above rules, this should do the trick.
You should not run into the specific 'trouble' of SME Server: on SME Server, config files are regenerated, so if you make a change
in a config file, your change is lost at the next regeneration. That's why the changes are made in template files.
Here is my great work!!! I wrote a panel to control the MX configuration directly from the server-manager!
Note: In April 2008, SME 7.3 underwent a major system change. More information here. Because of this change, I wasn't able to create a single RPM for the two sorts of SME server. There are now two sets of RPMs:
You can download the installation RPM.
The source RPM is also available, for developers or the curious.
This RPM is not needed for normal operation.
This software is under the GNU license. In short, it's free to use and change, as long as it stays free.
Installation is simple :
    # rpm -Uvh http://www.schirrms.net/files/smeserver-mxbackup-utf8-0.1.0-03.noarch.rpm
    Preparing... ########################################### [100%]
    1:smeserver-mxbackup-utf8########################################### [100%]
    Rebuilding Web Server Manager Left Panel Cache ... Can take up to a minute.
    Done.
    Setting defaults values in SME configuration database, if needed.
    Don't change any existing configuration.
    Migrating existing database domains
    Migrating existing database spamassassin
    Migrating existing database configuration
    Migrating existing database hosts
    Migrating existing database yum_repositories
    Migrating existing database yum_available
    Migrating existing database backups
    Migrating existing database networks
    Migrating existing database mailpatterns
    Migrating existing database accounts
    Migrating existing database yum_updates
    Migrating existing database yum_installed
    Done.
    Regenerating the config file...
    Installation finished.
Now, in the Configuration group, you have an MX Backup Configuration option just under E-Mail.
Configuration is easy :
Just click on the 'Create a new MX-Backup rule' button to add a domain name.
Apart from the name of the domain, you can select between 'HOST' and 'DOMAIN'.
That's all! Your SME server is ready to be an MX-Backup. You can also disable and enable the MX-Backup functionality: just click on the toggle button 'Disable MX-Backup' / 'Enable MX-Backup'. I hope you like my traffic lights!
Now, the rest of the page is the same for everybody: every SME version, and QMAIL admins too. In fact, you can use this test for every kind of MX Backup server.
We now want to be sure that our MX Backup configuration is up and running. To do this test, we only need a computer anywhere on the Internet with a telnet client. But this computer cannot be on our site, because mail rules are different on the local server and the local network.
The easiest way is to ask the smithnet.com admin to do the work.
Testing is the longest part of the work. The tester has to connect with telnet to your SME mail service and send every command the way a real SMTP server 'sends' an e-mail.
But first, a very short review of the part of the SMTP protocol we need:
At the beginning of the session, the SMTP sender says who it is: this is the HELO command.
Then the SMTP sender sends the information needed by the SMTP receiver. You can think of it as the envelope
of a letter: something the recipient never looks at, but very useful for the postman! In e-mail, you almost never see
this part: you have to ask for the 'header' of the mail to see it. But it holds tons of useful information
for debugging. One interesting tip is that every SMTP server that carries the mail puts a 'stamp' on the envelope,
so you can see how your mail traveled.
In our very simple test mail, the envelope contains only 2 lines:
MAIL From: {Sender E-mail address}
RCPT To: {Recipient E-Mail Address}
Now it's time to start the content of the letter.
To do that, we send the DATA command (alone on a line).
Here, we could put anything. But if you want your mail to look good in a normal mail reader,
you have to put in some 'valuable' information, like the sender, the receiver, the subject or the date.
Here is a complete sample:
    # telnet mail.doecom.net 25
    Trying 111.112.113.114...
    Connected to mail.doecom.net
    Escape character is '^]'.
    220 sme.doecom.net mailfront ESMTP
    HELO anything.other.org
    250 sme.doecom.net
    MAIL From: admin@anything.other.org
    250 Sender accepted.
    RCPT To: john.smith@smithnet.com
    250 Recipient accepted.
    DATA
    354 End your message with a period.
    From: admin@anything.other.org
    To: john.smith@smithnet.com
    Date: Tue, Mar 09 2004, 21:00:00
    Subject: Test

    This test is very famous !
    .
    250
    QUIT
    221 Good bye.
    Connection closed by foreign host.
And here is the complete message (with headers) that was received by John Smith:
    Return-Path: <admin@anything.other.org>
    Delivered-To: john@server.smithnet.com
    Received: (qmail 24095 invoked by alias); 9 Mar 2004 21:36:17 -0000
    Delivered-To: alias-localdelivery-john@smithnet.com
    Received: (qmail 24092 invoked from network); 9 Mar 2004 21:36:16 -0000
    Received: from mail.doecom.net (HELO doecom.net) (111.112.113.114)
        by mail.smithnet.com (100.99.98.97) with SMTP; 09 Mar 2004 21:36:16 -0000
    Received: (qmail 27033 invoked from network); 9 Mar 2004 21:27:51 -0000
    Received: from some.other.computer.on.the.net (HELO anything.other.org) (200.200.200.200)
        by sme.doecom.net (111.112.113.114) with SMTP; 09 Mar 2004 21:27:51 -0000
    From: admin@anything.other.org
    To: john.smith@smithnet.com
    Date: Tue, Mar 09 2004, 21:00:00
    Subject: Test

    This test is very famous !
That's OK, you did the minimum check: a mail sent to the domain smithnet.com is accepted by the
mail server mail.doecom.net, and mail.doecom.net is able to forward it to mail.smithnet.com.
You should also do the counter-test: check that your MX-Backup computer still refuses mail for another domain (i.e. that
your MX-Backup is not an Open Relay!):
    # telnet mail.doecom.net 25
    Trying 111.112.113.114...
    Connected to mail.doecom.net.
    Escape character is '^]'.
    220 sme.doecom.net mailfront ESMTP
    HELO anything.other.org
    250 smedoecom.net
    MAIL From: a_guy@anything.other.org
    250 Sender accepted.
    RCPT To: tomy@hotmail.com
    553 Sorry, that domain isn't in my list of allowed rcpthosts.
    QUIT
    221 Good bye.
    Connection closed by foreign host.
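The test and the counter-test above can be scripted so that they are repeated after every configuration change. This is an added example, not part of the original page or of the MX-Backup package: the function names are hypothetical, the rcpthosts matching is a simplified model of the two-line syntax shown in 20QandD, and FakeBackupMX is a constructed stand-in so the script runs offline (drop the smtp_factory argument to talk to a real server from an outside host).

```python
import smtplib

def rcpthosts_allows(rcpthosts, address):
    """Simplified qmail-style match: exact domain line, or '.suffix' line for sub-domains."""
    if "@" not in address:
        return True                       # no @ sign: handled as a local recipient
    domain = address.rsplit("@", 1)[1].lower()
    return any(domain == entry or (entry.startswith(".") and domain.endswith(entry))
               for entry in rcpthosts)

class FakeBackupMX:
    """Constructed stand-in for smtplib.SMTP, answering like the transcripts above."""
    rcpthosts = ["smithnet.com", ".smithnet.com"]     # the two lines from 20QandD
    def __init__(self, host, port=25, timeout=None):
        pass
    def helo(self, name=""):
        return 250, b"sme.doecom.net"
    def mail(self, sender):
        return 250, b"Sender accepted."
    def rcpt(self, recipient):
        if rcpthosts_allows(self.rcpthosts, recipient):
            return 250, b"Recipient accepted."
        return 553, b"Sorry, that domain isn't in my list of allowed rcpthosts."
    def quit(self):
        return 221, b"Good bye."

def rcpt_code(host, sender, recipient, smtp_factory=smtplib.SMTP):
    """Send HELO, MAIL From and RCPT To only (no DATA); return the RCPT reply code."""
    conn = smtp_factory(host, 25, timeout=20)
    try:
        conn.helo("anything.other.org")
        conn.mail(sender)
        return conn.rcpt(recipient)[0]
    finally:
        conn.quit()

def check_backup_mx(host, backed_up_rcpt, foreign_rcpt, smtp_factory=smtplib.SMTP):
    """Run the test (must be accepted) and the counter-test (must be refused)."""
    sender = "admin@anything.other.org"
    accept = rcpt_code(host, sender, backed_up_rcpt, smtp_factory)
    refuse = rcpt_code(host, sender, foreign_rcpt, smtp_factory)
    return {"accepts_backed_up_domain": accept in (250, 251),
            # only a 5xx counts: a 4xx is a temporary failure, not a refusal
            "refuses_other_domains": 500 <= refuse <= 599}

if __name__ == "__main__":
    print(check_backup_mx("mail.doecom.net", "john.smith@smithnet.com",
                          "tomy@hotmail.com", smtp_factory=FakeBackupMX))
```

Because no DATA command is sent, the check leaves no test message in anybody's mailbox.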
Yes! Your MX-Backup system is ready! Now we have to tell the whole world that your mail can also be
processed by your MX-Backup.
As smithnet.com admin, you have to change your Internet DNS configuration. You need to add a second MX
record for your domain with the name of your MX-Backup server, mail.doecom.net. This mail server
must have a priority value greater than that of your primary MX server.
Remember, the DNS to change is your public DNS (often not on your site but somewhere else on the Internet).
Check the DNS configuration this way (you need the address of your primary public DNS server,
to check the entry the way Internet SMTP servers will):
Assuming that the IP address of your primary public DNS is 1.2.3.4, check like this:
    # host -t mx smithnet.com 1.2.3.4
    Using domain server:
    Name: 1.2.3.4
    Address: 1.2.3.4#53
    Aliases:

    smithnet.com mail is handled (pri=0) by mail.smithnet.com
    smithnet.com mail is handled (pri=5) by mail.doecom.net
Great: job done! Just wait until the DNS information is updated everywhere, and your MX-Backup is up and running.
I had an interesting piece of field feedback about MX-Backup: the case of an SME server acting as MX-Backup but using an SMTP 'SmartHost' to deliver mail.
Problem: the MX-Backup mode cannot work with the 'SmartHost' mode!
Why?
Well, let's suppose that mail.bar.foo is the secondary MX for the domain strangers.here,
and mail.bar.foo is set to use smtp.provider.net as 'SmartHost'.
At some point, the primary MX server for the domain strangers.here is out of order. Every new mail for
the domain strangers.here now arrives on the mail.bar.foo server.
But mail.bar.foo is set to use smtp.provider.net as 'SmartHost', and mail for strangers.here
has to be sent back out. mail.bar.foo happily sends all mail for strangers.here to smtp.provider.net.
smtp.provider.net in turn does a DNS resolution, and sees that the mail should be delivered to mail.bar.foo!!!
This is called 'BounceMail' (and this is bad...). In the best case, your SME server will detect the bounce first. In the worst case, it's smtp.provider.net that finds the bounce first, and you will very quickly learn some interesting things about the mail admin of smtp.provider.net...
Starting with version 0.1.0 of MX-Backup, this is no longer possible: during MX-Backup configuration, if the system is configured to use a 'SmartHost', MX-Backup sets up the configuration file to still use direct delivery for the 'MX-Backuped domains'.
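The loop described above, and the effect of delivering directly for the backed-up domain, can be traced hop by hop. This is an added simulation, not code from the MX-Backup package: the MX preference values and the function names are assumptions, and the rule that a host listed as MX only tries MX hosts with a lower preference value than its own is the standard SMTP relay rule, not something stated on this page.

```python
# Constructed data mirroring the scenario in the text (preference values assumed).
MX = {"strangers.here": [(0, "mail.strangers.here"), (5, "mail.bar.foo")]}
SMARTHOST = {"mail.bar.foo": "smtp.provider.net"}

def next_hop(server, domain, down, direct):
    """Host that `server` relays to next, or None when it keeps the mail queued."""
    if server in SMARTHOST and domain not in direct.get(server, ()):
        return SMARTHOST[server]          # SmartHost mode: everything goes to the provider
    records = sorted(MX[domain])
    own = [pref for pref, host in records if host == server]
    for pref, host in records:
        if own and pref >= own[0]:
            continue                      # an MX never relays to itself or to a worse MX
        if host not in down:
            return host
    return None

def trace(start, domain, down=frozenset(), direct=None):
    """Follow one mail from `start`; return (path, outcome)."""
    primary = sorted(MX[domain])[0][1]
    path = [start]
    while path[-1] != primary:
        hop = next_hop(path[-1], domain, down, direct or {})
        if hop is None:
            return path, "queued"         # waits in the queue until the primary is back
        path.append(hop)
        if path.count(hop) > 1:
            return path, "loop"           # the mail came back to a host it already visited
    return path, "delivered"

if __name__ == "__main__":
    down = {"mail.strangers.here"}
    # SmartHost for everything: the mail comes straight back.
    print(trace("mail.bar.foo", "strangers.here", down))
    # Direct delivery for the backed-up domain: the mail is queued instead.
    print(trace("mail.bar.foo", "strangers.here", down,
                direct={"mail.bar.foo": {"strangers.here"}}))
```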
But this can be even worse! Two major reasons can lead you to choose the provider's SMTP
server as a 'SmartHost':
But if you're in the latter case, and if you plan to be MX-Backup for an SME server too, a solution exists. Please drop me a mail, and I'll try to explain it to you.
Not a lot to add...
Maybe you want more than one MX Backup. That's no problem. Just configure the second MX-Backup like
the first, and add a third MX record in your public DNS.
Starting with the update of April 2008, SME made a major change (even if it is hard to see): the system charset went from ISO-8859-1 to UTF-8! What does that mean? Computers store all information as a succession of bits (that is, 0 or 1). This is not really 'user friendly' :-) To be able to store text in a computer file, we need to associate bit sequences with human characters. So, in most small systems the letter A is equal to 65 (or 0100 0001) and the number one is equal to 49 (or 0011 0001). For non-American characters, there are many coding tables. A fairly recent coding table, UTF-8, is for now the most commonly accepted one. This table can store most known symbols (Greek, Chinese...). But the change is big, and I don't see a way to create a package running in both charsets, so I created a specific package for the most up-to-date SME servers and another, needed until all SME servers are updated (this can take years!).
april the 20, 2008 | new RPMs version 0.1.0-03 : Support of the new SME charset, UTF-8 |
april the 26, 2006 | new RPMs version 0.1.0-02 : Complete support of SME 7 (especially the qpsmtpd part) |
may the 13, 2004 | new RPMs version 0.1.0-00 : Allow the use of MX-Backup on hosts using a Smart Host. But please read the documentation carefully ! |
april the 22, 2004 | 'Silent' update : bug correction. It was not allowed to use a domain name containing the number 0 (zero). This was in line with RPMs level 0.0.4-00 |
march 2004 | Initial version with the RPMs for SME 6.0 |
copyleft Schirrms Studio 2002-2004 |
The whole website www.schirrms.net is under GFPL license |