A question that I've asked myself (and google) many times but never got to an answer.

Scenario:

ServerA) postfix Primary MX

ServerB) postfix Backup MX

According to the rfc a source mailserver can decide where to send email e.g. send an email to backup even is primary is reachable up and running.

So my questions are:

1) how do I (live I mean) replicate messages arrived on any server to the other?

2) How do I synchronise sent messages, message deletion, folder creation/deletion.

Imapsync goes half way towards the solution but it needs to be run manually one off and you must specify source and destination.

All I wanted really is a user to be able to use either server without having to worry about primary/secondary or what so ever.

Thanks!
rs232

here's a possible setup:

1. a single mail store (e.g. imap server)
2. two smtp servers (main MX and backup MX)
3. backup MX relays to main MX.
4. main MX delivers to mail store.

What you are wanting is more than simple replication of postfix (SMTP Server), you are also looking to replicate iMap server, and perhaps other services, which is a bit more complex.

Normally SMTP server are set up with a priority and most non-spam servers will try server 1 before they try server 20, spammers frequently try to hit smtp 20 first in hopes it doesn't have the spam defenses that are probably in place on smtp 1. Having multiple SMTP services listed, at least in my case allows for me to lose an internet connection and for SMTP traffic to come through a second SMTP gateway, and be routed to my mail store.

What I think you want to do is have a redundant server for availability in case something happens to one server. Probably the best way (at least that I can think of) to accomplish a simple redundant backup is to set up a DRDB High Availability cluster so that data is replicated between two machines, and upon the failure of one machine, the other takes over, normally without being noticed by the end user. This method has been around for years, and is pretty well documented, now that you know what to look for.

If you are looking to scale to a large number of users, or a all active scenario you are going to need to explain yourself and your wants / needs much better.

Hope this is useful.

Both of the above posts are right on the mark. I presently have two Postfix servers, each of which is the primary MX for a different domain and acts as the back up for the other. When functioning as the backup, they will receive mail for their backup domain and will automatically attempt to forward it to the primary MX. If they are unable to forward it, it will be held in queue until it can be delivered for up to 60 days. The POP/IMAP servers for the domains run on the same machine as the MTA for that domain. As a result, if the domain's server is down, mail can't be received by recipients, but it is not lost.

Thanks to everybody, that really helps!

My setup is actually multiple domains all running on a primary MX server (server1) with local storage. The SMTP traffic for the server is low (about 100 messages/day). Users use the email using a web interface.

The backup server (server2) is located on a different site and connected via VPN. This is NOT set as backup MX yet and is currently replicating mailboxes every night fetching messages from server1 using imapsync. This has been working ok but:
a) as the number of users grow imapsync doesn't scale and especially needs to be set with the individual user password which is not a great.
b) it's not realtime

I'm using 3 core components:

- ASSP (antispam)
- Postfix (SMTP operations)
- Dovecot (IMAP access to mbox files)


So I do like the idea to have the backup MX delivering messages to primary MX.
But if server1 goes down users will not be able to use the email would they?
They could send and read synchronised pre-failure messages if they had access to the web interface of server2 but new messages would stay in server2 MX queue in my understanding.

It would be nice to have messages sent to both mailboxes (on servers1 and server2) when received AND sent no matter on which of the two server the operation is processed (AKA multimaster). This would be real-time to me and server1 down means no interruption in the service.
But may be I'm asking too much :-)