Host Corporate Email — Part 4
In part three of this four-part series, we took a look at MX records, and how properly-configured DNS is essential for email hosting. In this final installment, we'll take a look at ways to insure uninterrupted service and handle high volume for your corporate Macintosh-based email server.
Deploying A Backup MX Server:
If you've followed along with this series, you should now have a functioning well-configured mail server, available to the internet and exchanging messages from inside and outside your company. That's an adequate solution until a power outage, a loss of internet connectivity, or a hardware failure takes place. When disaster strikes, this machine becomes a single point of failure for your entire communications system, with employees unable to send or receive mail.
Historically, the answer to this problem has been to always have a backup MX, a secondary server that handles mail in the event the primary server is unreachable or inoperative. For most organizations that's still the best solution, as it allows not just redundancy but lets you geographically separate the machines on separate power grids and ISPs if you have a second office.
To set up a backup MX server, first add an additional MX record in both your internal and external DNS. The record name traditionally indicates that it's your secondary MX (such as mx2.makemacwork.com) and is set with a lower priority (and therefore, a higher number) like 20. This tells anyone sending your domain email to attempt delivery to your backup MX should connection to the primary MX fail.
Next, configure a second Mac OS X Server as you did the first, but using the second server's name as both the "Domain name" and "Host name" in the "General" pane of the Server Admin mail settings. Make sure IMAP is disabled, but check "Relay outgoing mail through host" and fill in the name of your primary mail server.
As a last step, you'll need to go back to your original server, and configure it to allow relaying from your backup host. In the "Relay" pane of the Server Admin mail settings, add the IP address of your secondary mail server. This allows any mail stored on your backup MX while your primary is down to be accepted without further authentication. Restart the mail service on your main host, and you should now have redundant mail receipt and delivery.
This time-proven method is how businesses and universities have avoided mail outages for the last twenty years, and few operating systems make it as easy to set up as Mac OS X. Ideally, your backup MX server will be housed, powered, and connected to the internet separately. If that's not possible, simply putting the machine on a separate circuit with a cheap cable or DSL connection can still get you through a host of unexpected problems (and more importantly, through routine maintenance).
XSan Mail Clustering:
From the old-school to the new-fangled, the more modern way of handling the need for mail service redundancy is mail clustering, where mail service can be handled by multiple servers all sharing a common real-time storage pool which holds incoming and outgoing messages. Mail clustering itself isn't a new idea, but Apple's version of it (requiring both Leopard and XSan 2) is so recent it doesn't yet even have documentation.
Nonetheless, if you're familiar with XSan implementation, the new clustering features aren't hard to take advantage of. The XSan 2 Admin tool allows you to create new Volumes optimized for Mail and assign them Affinities through a simple configuration wizard. You can then choose "Clustering" from the "Advanced" pane in Server Admin's mail settings, and click the "Change" button to launch another wizard to reconfigure your mail setup across multiple XSan client servers.
The advantage to Xsan mail clustering over the backup MX approach is primarily one of performance, with huge arrays of disks able to process mail more quickly and store it more efficiently. The disadvantage in most cases is that those arrays must be physically attached to multiple servers in the same location. Still, this setup eliminates the majority of reasons you might outsource your company's email service. If your organization needs redundant delivery and scalable performance, the only thing now standing in the way is next year's budget.
Special Thanks: Our friend and colleague Eddie Kelley, technician extraordinaire at Portland's Mac Pac, volunteered how to set up a backup MX without ever resorting to the command line.
Recommended Reading: If you're planning on maintaining a Macintosh mail server, it's important to have at least a passing understanding of Postfix, the open-source mail system OS X uses. By far the best reference is Ralf Hildebrandt and Patrick Koetter's Book of Postfix, available in PDF from publishers No Starch Press.
