Well, since Eric asked me to put it in here, i put it in here:
I want to use a vps as a master for cloudmin / virtualmin administration and would also like to give it a second job as a backup mx.
Do you have a standard procedure for that?
Does it make sense, of installing first virtualmin to get things going with all mail related stuff like spamassasin, clam av etc and the configure the mailserver for backup purpose and then installing cloudmin or doing it manually?
What do you think about letting postfix check rbl lists? Would that reduce spam too? I've read quite a lot about this, but i do not want to mess up ;-)
One could think it a bit larger, of having a Mailserver who would filter all mails centralized for a bunch of other servers behind. Here are a lot of options possible, which one could use, but not all of them give you what you bet for, so what do oyu think, which way to go, if one has not only one virtualmin based webserver, and Cloudmin Pro too... Also, creating a best practice for mailserverhandling, also with certs and encrypted client communication (port 465, 587) but also hardening it PCI wise and using PFS, would be a larger task to accomplish. So, should we go down this road? Perhaps we find some thinkgs, which could be done in virtualmin to make life easier?
We will see. ...
Thanks and best.
Comments
Submitted by andreychek on Thu, 10/06/2016 - 22:51 Comment #1
Howdy -- thanks for opening a new request!
Regarding the backup MX server -- we have some documentation that may help you get started with that. Take a peek at this, does this help answer your first question:
https://www.virtualmin.com/documentation/email/hold-and-forward
Regarding Postfix and RBL lists -- certainly! I do that on my own personal servers.
I include the following in the "smtpd_recipient_restrictions" section on my own system:
reject_rbl_client cbl.abuseat.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client xbl.spamhaus.org, reject_rbl_client psbl.surriel.comAnd lastly, there's some details here on running SpamAssassin and ClamAV on a remote server:
https://www.virtualmin.com/documentation/email/spam-av#toc-moving-spam-a...
Let us know if you have any other thoughts or questions after checking out the links above!
Submitted by just_me on Fri, 10/07/2016 - 02:29 Comment #2
Ok, read the first link. What i understand, is that i need virtualmin pro for this, correct?
Let's say i have several servers (running gpl) and a cloudmin pro server, which should control the other virtualmin/webminservers and do the emailjob, i would see some different scenarios:
There are also different strategies to avoid spam by creating mx records which point to non-existing servers like:
10.... non existing 20... Backupmailserver 30 ... mainmailserver 40 ... non existent
to fool spammers, because they usually go on entry 10 and seldom on entry 20...
Does it make sense anyhow?
Thanks and best
Submitted by andreychek on Fri, 10/07/2016 - 08:48 Comment #3
Jamie, could Cloudmin Services do what this user is after here?
Submitted by JamieCameron on Fri, 10/07/2016 - 10:17 Comment #4
Cloudmin Services can't yet do distributed mail processing - because for that to work properly, all the systems would need to share the same home directory, user database and Postfix config.
Submitted by just_me on Fri, 10/07/2016 - 13:11 Comment #5
Ok, this would be a very good option for Cloudmin(pro) ;-) btw. Besides, to have my cloudminpro installation to work as a backup mx, i need virtualmin pro for that installation, correct? The other regular servers which have the domains running can use gpl, or did i misunderstand something?
So it looks like i will have to look into option 1. If i start off with a new server, would i need to install virtualmin (pro) first, for all mailsetupthings and then cloudmin, or vice versa?
Best