Backup Sendmail MX Server - FreeBSD
A Backup Sendmail MX ensures that you won’t lose any emails that are received if your primary mail server experiences downtime. If your mail server becomes unavailable, the Backup Sendmail MX server will accept and hold your emails. Once your primary mail server becomes available again, all that is needed, is to push the mail queue from the backup to the primary.
I will cover setting the DNS records in relation with the Sendmail Backup MX Sever. Also configuration of Sendmail as a Backup MX and finally resending any mail that has been held on the backup MX to the primary Sendmail server.
Backup Sendmail MX DNS Configuration
In your DNS zone, two MX records should be added. One for the primary server and one for the secondary. It is important that the MX preference value for the primary is lower than the value for the secondary. If a lower MX preference value is given to the backup server, all email will go through the backup server.
Sendmail Backup MX Configuration
From a clean install of FreeBSD, we only need to add the /etc/mail/access file. Here we allow the domain pbdigital.org to relay mail through our Backup MX Server.
cd /etc/mail echo "To:pbdigital.org RELAY" >> access makemap hash access < access service sendmail restart
That is all that is needed and now the Backup MX server is available if the primary Sendmail server is unavailable.
Resending Mail to Primary Sendmail Server
When testing or recovering from primary mail server failure, use the following commands on the MX Server.
Issue the following command to resend all mail in queue:
Some might say that Sendmail is a beast of a thing, however it has been a very successful MTA and at one time delivered over 90% of the internets email. I think once the basic setup is implemented, it is a matter of just learning as problems arise or as you require further features, such as milters or IMAP intergration. In my next post I will be looking at implementing Cyrus IMAP server to work with Sendmail.
One downside on Sendmail is it's support of older SSL protocols, that at this time of writing, cannot be disabled. Therefore, Postfix may be more suited if you need to disable these protocols.
You may be interested in a BSDCon-2019 talk where Eric Allman, the creator of Sendmail takes a look back on the last 34 years of Sendmail: Lessons Learned from Sendmail.