mail

Migrating Sendmail Mail Server

Below is how I have migrated mail server with minimum downtime and routing mail to the new server via mailertable, if IP is still pointing to the old server and has not resolved for some ISPs.

  • 48 hours prior to migration, set the TTL value for the mail server DNS A record to a short time like 15 minutes.
  • Prepare for the migration, rsycing the mail spool folder and the user home mail folders.
    rsync --progress -a -e "ssh -i /root/.ssh/key -p 22" old.mailserver:/var/spool/mail/ /var/spool/mail/
    rsync --progress -a -e "ssh -i /root/.ssh/key -p 22" old.mailserver:/var/www/web1/mail/ /var/www/web1/mail/
    rsync --progress -a -e "ssh -i /root/.ssh/key -p 22" --exclude='*/bak' --exclude='*/web' old.mailserver:/var/www/web1/user/ /var/www/web1/user/
  • At the time of migration, firewall incoming port 25 on the old mail server and update the DNS A record to point to the new server.
  • Run rsync the final time.
  • Setup Sendmail with mailertable to relay mail coming in to the old server over to the new mail server. This is a similar setup for secondary mail servers.
  • Add "FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl" to "/etc/mail/sendmail.mc" if it does not already exist.
  • Create "/etc/mail/mailertable" file with contents of the routing table:
    domain.tld esmtp:[xxx.xxx.xxx.xxx]

    The square brackets skips checking MX records, so IP can be used instead.
  • Remove domain name from "/etc/mail/local-host-names" so mails do not get delivered locally.
  • Edit "/etc/mail/access" to relay mail for the domain.
    TO:domain.tld RELAY
  • Rebuild the access and mailertable databases.
    cd /etc/mail
    makemap hash access.db < access
    makemap hash mailertable.db < mailertable
  • Restart sendmail and open up the firewall.
  • Test by telneting to port 25 on the old servers' IP and sending email. This should get relayed over to the new server.
  • Use a new subdomain and redirect existing webmail url to the new server.

resend all mails in sendmail queue

As root you can redeliver all mail in the mail server queue via:

sendmail -v -q

Plesk email users and passwords

Below is sql, if you ever need to test out your users email accounts on plesk server:

mysql> use psa
mysql> select concat(mail_name,"@",name) as email_address, accounts.password from mail left join domains on domains.id=mail.dom_id left join accounts on accounts.id=mail.account_id;

Using a .forward to send mail to multiple accounts

If you put multiple addresses in a .forward file, a copy will be sent to each.

remoteuser1@domain.tld, remoteuser2@domain.tld, remoteuser3@domain.tld

If you want to keep a copy of each message in the original account without causing a .forward infinite loop, put a backslash in front of the account name.

\localuser, remoteuser1@domain.tld, remoteuser2@domain.tld, remoteuser3@domain.tld

sendmail access.db by example

The sendmail access database file can be created to accept or reject mail from selected domains.

Since "/etc/mail/access" is a database, after creating the text file, use makemap to create the database map.

# makemap hash /etc/mail/access.db < /etc/mail/access

Below is what my access file currently looks like and can be used as a starting point. All internal addresses have been changed except for spammers!!

# by default we allow relaying from localhost...
localhost.localdomain           RELAY
localhost                       RELAY
127.0.0.1                       RELAY

# Allow Connect from local server IPs
Connect:207.44.206.144   OK

# Accept Mail
# accept mail from PayPal
paypal.com      OK

# Reject Mail
posterclub@e.allposters.com     REJECT
posterclub@email.allposters.com REJECT
plastmarket.com                 REJECT
jr@jrtr.org                     REJECT
7b2.606@fe01.atl2.webusenet.com REJECT
mysoldpad.com                   REJECT

# Discard Mail
1and1-private-registration.com  DISCARD
# forum admin mails:
fictionaluser@gmail.com         DISCARD

# Reject full mailbox
fictionaluser@linuxweblog.com ERROR:4.2.2:450 mailbox full
fictionaluser@linuxweblog.net REJECT

# Blacklist recipients
linuxweblog.net ERROR:550 That host does not accept mail

# Spam friend domains: exempt domains from dnsbl list checking
Spam:linuxweblog.org      FRIEND

# Spam friend users: exempt email users from dnsbl list checking
# example:
# Spam:user@domain.tld         FRIEND
# clients
Spam:fictionalclient@hotmail.com  FRIEND

# Auto REJECT via hourly cron added below

Comment