Hi Lorens, thanks for your kind reply...:-) ! yes this is exactly the case... and my internal local-mailers consist on standard RHEL5+6 servers and NetApp's. Our ISP is restricting mail from only 1 of our sites, so we need to relay all our internal mail globally through this site.
We can't prevent non-mail applications, as we don't have 100% control of all hosts (LAB equipment etc.), so I guess it makes sense to still keep local-mailer, at-least just to keep consistency. Thanks for clarifying...:-) Do you have a howto for this setup laying around somewhere (local-mailer -> HA postfix relay) ?: Thanks in advance :-) ! ~maymann 2011/12/27 Lorens Kockum <postfix-users-4...@tagged.lorens.org> > On Tue, Dec 27, 2011 at 06:12:12PM +0100, Michael Maymann wrote: > > Hi all, > > > > Thanks Peter, for you kind reply - some setup you have there... sounds > very > > nice indeed...:-) ! > > - If i have a lower budget, can this then be achieved without the > > loadbalancers and still have same redundancy/flexibility (using e.g. "DNS > > RR"/"MX with equal value") - if so what is for/against/preferred ?: > > I looked over the rest of the thread and I suspect people are > talking about different things. > > If I understand correctly, you want a relay. You have a lot > of servers with a primary function that is not sending mail, > but which do send mail, and you want to relay all the mail out > through a set of controlled dedicated mail servers. Am I right? > > If so, the basic question is *how* the servers send mail. Either > the applications send mail directly to a hostname (Java Mail > or PHP for example), or they use the local mailer, which would > be postfix, I suppose, with a default smarthost configuration > pointing to your dedicated mail servers. > > Pros and Cons: > > - Not using local mailer wil permit loadbalancing mail sent from > a single host over several postfix instances. > > - Using local mailer will always work for all applications > (since applications that send to a hostname can send to > 127.0.0.1) > > - Using local mailer forces you to monitor the daemon and the > queues on all the machines, and takes up (probable negligable) > system resources > > - Using local mailers will give you the UID of the sending > process in the headers > > - Using local mailer protects you from a short outage of the > dedicated servers or some part of the network. Mail will be > spooled locally until the dedicated machines come back on line. > > - Conversely, not using a local mailer will protect you from > local failures such as full disks or postfix not running, > but expose you more to network problems and availability > problems. That will cause you to look at redundant load > balancers. > > - Using a load balancer will probably require you to mask source > IPs. That doesn't matter if you trust your servers or if you run > local firewalls forcing mail to run through the local mailer. If > you worry about client-written forms being exploited to send > spam you need to think about that. > > > DNS RR: so just have like load-sharing (mail1->postfix1, mail2->postfix2, > > mail3->postfix1, etc.). But if one postfix servers goes down, will all > DNS > > replies then be only for alive-postfix - or will there also be > dead-postfix > > replies that needs to timeout, before it retries (and for how many > times?) > > and potentially end up dropping the mail if it is so unlucky to get > replies > > for dead-postfix on all retries ? > > "MX with equal value": is this handling differently? does a request load > > all MX records for the domain, and then sort them by value and then > > alphabetically, ending up with: if one postfix is down it will > > automatically try the next one in the sorted list...? > > If you use a redundant load balancer, it will take care of > all that and "always" reply. Unless the network goes down, of > course. > > If you do not, then there will be timeouts if something goes > down. You can specify relayhosts with or without brackets; the > brackets stop MX lookups. I seem to remember that in postfix > a relayhost that resolves to several IP addresses will be > handled more or less the same as a relayhost the has several MX > records. I think that wondering about which is more efficient is > not very useful since the difference is certainly vanishingly > small. Using MX permits you to specify main servers and backup > servers, but that's about it. However, non-mail applications > that send mail directly will probably not be able to handle > anything else than a single host/IP correctly. > > So . . . is there a unique answer . . . probably not, need more > info on your situation and needs :-) >
