Advice Request

Hi,

We are implementing our first Virtualmin Pro server. We're upgrading from another hosting platform and we're trying to build a little more resilience into our installation.

We are at a point where we are renting a VPS from another provider in another data center to provide certain services in case our primary server goes down. We're not trying for a perfect-world scenario, just easy and functional. These are our immediate goals:

Slaved Name Server Backup MX Replicated LDAP Backup RADIUS (uses replicated LDAP)

We may want to somehow backup/replicate our MySQL-based billing system (WHMCS) too, but I don't know how I would go about that yet.

Can you advise me on how I might go about this?

For example, should I just start with a clean Centos 5 install and construct everything manually? Should I put up another Virtualmin server? Pro or OSE?

How should I deal with spam filtering? If I don't implement spam filtering in the backup MX, it will all just flow into user's mailboxes when the servers reconnect, or would it? If I do implement the filtering, I may need a beefier VPS...

Anyway, thanks in advance,

G

Status: 
Closed (fixed)

Comments

It really depends on how much redundancy you are looking for - if you just need a backup MX and DNS in case the main server is down for a while, see :

https://www.virtualmin.com/documentation/id,dns_slave_auto-configuration...

and :

https://www.virtualmin.com/documentation/id,hold_and_forward_backup_mail...

True redundancy for the whole site so that the alternate machine can take over completely is more complex, and not really automated by Virtualmin..

Thanks, those links were helpful.

G

The issue of spam filtering on the backup MX is a good point here. I'm not sure how widespread this procedure still is but spammers used to intentionally deliver their stuff to MXes with lower priority, hoping that those would be merely backups without actual user base, and have a laxer anti-spam policy in place.

Using SpamAssassin on a store-and-forward-only system might be tricky. But it should be feasible to use DNSBLs or greylisting at least.