Dear ALl,
I have the following live setup . Centos 5.1 running as a Mail and DNS server with the following software
Sendmail ver MailScanner ver squirrel mail clam av spamassassin mailwatch
we have about 250 mail users all with no shell and every thing is working perfectly fine
now i wd like to know the following .
1) if i have a copy of my /etc/passwd file and the /etc/skel/shadow file and if my current HDD crashes .. now if i make a new centos server with all the above software and jus copy the password n shadow file in the right directories will all the users able to login into the system as before. or is anything more required to be done. To explain more clearly if my current hdd crashes i can get up a new centos machine but creating all the 250 + users wd be a big problem specially the passwords.
2) i would like to also know about MX records
i mean DNS server having MX with same priority n MX with different priority
i right now have a primary n secondary mail server that is dns server with different MX records and its workin fine
if i have 2 servers with same MX priority do i need to create the smae users on both my centos servers so tht if one server fails othe one is operational . i do presume the above is corect or is there any other way
apprecite your help
regards
Fabian
fabian dacunha wrote:
Dear ALl,
<snip> 1) if i have a copy of my /etc/passwd file and the /etc/skel/shadow file and if my current HDD crashes ..
yes, you just need the /etc/passwd , /etc/shadow , /etc/group and /etc/gshadow for the local auth Of course, in case of setting up a new box and integrating user accounts, i'd prefer doing some cleaning in those files before importing them (through vipw for for the passwd file) : i mean remove the system accounts first
- i would like to also know about MX records
i mean DNS server having MX with same priority n MX with different priority
i right now have a primary n secondary mail server that is dns server with different MX records and its workin fine
if i have 2 servers with same MX priority do i need to create the smae users on both my centos servers so tht if one server fails othe one is operational . i do presume the above is corect or is there any other way
It depends : you can for example just have the second MX record doing queue only for your domain and then deliver to the primary MX when he's back online ... otherwise if you deliver mail locally on your secondary MX server, that means two mail storages (and not in sync ....)
on 10-16-2008 2:03 PM fabian dacunha spake the following:
Dear ALl,
I have the following live setup . Centos 5.1 running as a Mail and DNS server with the following software
Sendmail ver MailScanner ver squirrel mail clam av spamassassin mailwatch
we have about 250 mail users all with no shell and every thing is working perfectly fine
now i wd like to know the following .
- if i have a copy of my /etc/passwd file and the /etc/skel/shadow file
and if my current HDD crashes .. now if i make a new centos server with all the above software and jus copy the password n shadow file in the right directories will all the users able to login into the system as before. or is anything more required to be done. To explain more clearly if my current hdd crashes i can get up a new centos machine but creating all the 250 + users wd be a big problem specially the passwords.
It would also depend on how you backed up the system. In absence of a valid passwd file, the files only have UID and GID numbers to identify them. If you preserve this info in your backups, and also your passwd, shadow, group, and gshadow files, you could hobble something together. But there are many other things you need backed up.
- i would like to also know about MX records
i mean DNS server having MX with same priority n MX with different priority
i right now have a primary n secondary mail server that is dns server with different MX records and its workin fine
if i have 2 servers with same MX priority do i need to create the same users on both my centos servers so tht if one server fails othe one is operational . i do presume the above is correct or is there any other way
You usually have your backup MX just hold the mail and forward it to the primary when it comes back up. To have a second server become operational if the first fails is not just about backups, it is about HA (high availability). There is more info on HA on the Linux HA website http://www.linux-ha.org/
apprecite your help
No worries!
Scott Silva wrote:
- i would like to also know about MX records
i mean DNS server having MX with same priority n MX with different priority
i right now have a primary n secondary mail server that is dns server with different MX records and its workin fine
if i have 2 servers with same MX priority do i need to create the same users on both my centos servers so tht if one server fails othe one is operational . i do presume the above is correct or is there any other way
You usually have your backup MX just hold the mail and forward it to the primary when it comes back up. To have a second server become operational if the first fails is not just about backups, it is about HA (high availability). There is more info on HA on the Linux HA website http://www.linux-ha.org/
There's a nice milter for sendmail called milter-ahead. This works great on a backup mailserver as it will look 'ahead' to the primary and if it is up, it will not accept the email. This might sound silly at first, but if you don't do it this way, you'll find a huge queue of spam to nonexistant users on the backup server which can't be returned to the bad addresses spammers use... or you wind up bouncing spam to those that did not send it... a horrid situation.
I'm not understanding your using the same MX priority settings, as there is not really a default server. Mail winds up split between both places instead of hitting the primary first. Spammers however will find your backup server and send directly to it, in order to try to circumvent rejects from the primary and create bounces out of the secondary. This situation is almost as bad as having an open relay. You can land yourself on a lot of blacklists quickly and become a part of the spam problem easily.
If you do wish to have two equally accessible mailservers, users will need to be replicated. Clustering or something like Xen could be a better option.
Best, John Hinton
On Thu, Oct 16, 2008 at 5:51 PM, John Hinton webmaster@ew3d.com wrote:
Scott Silva wrote: If you do wish to have two equally accessible mailservers, users will need to be replicated.
I was thinking LDAP would be better than raw passwd files. LDAP can be configured on the secondary mail server to keep users in sync with the primary for instant availability.
Brett
-
Brett Serkez -
Fabian Arrotin -
fabian dacunha -
John Hinton -
Scott Silva