Re: [qmailtoaster] switchover

Mon, 06 Aug 2007 20:25:13 -0700

Here are two procedures I used when switching over mail servers. You may have to adjust a bit, but it's a good start. The first one was migrating from GoDaddy to our own server. The second was migrating one qmail server to another in the same company (hardware/OS/QMail upgrade). 



DNS Preparations
One week before migration - change TTL in the DNS records to 60
Ensure both new and old mail servers have A record entries.  Example:
; 04/29/06 Added new A and MX records for e-mail migration
mail1           IN      A       xxx.xxx.xxx.xxx
                IN      MX      10 mail1.example.com.

Reload named on all DNS servers


Verify DNS is working by looking at logs and executing 
nslookup/dig/host.  Example:

[EMAIL PROTECTED] root]# tail -1000 /var/log/messages | grep "named\["

Apr 29 18:03:23 server named[16530]: loading configuration from 
'/etc/named.conf'

Apr 29 18:03:23 server named[16530]: no IPv6 interfaces found

Apr 29 18:03:23 server named[16530]: zone example.com/IN: loaded serial 
2006042901

[EMAIL PROTECTED] root]# nslookup mail1.example.com
Server:         xxx.xxx.xxx.xxx
Address:        xxx.xxx.xxx.xxx#53

Non-authoritative answer:
Name:   mail1.example.com
Address: xxx.xxx.xxx.xxx

[EMAIL PROTECTED] root]#




Set up e-mail accounts on new server using same credentials as the 
accounts on the old server.




Friday Night

Change the MX records to turn off the old mail servers.  Reload named on 
all DNS servers.

; 04/29/06 Removed old mail servers
;               IN      MX      50 mailstore1.secureserver.net.
;               IN      MX      60 smtp.secureserver.net.
; 04/29/06 Added new A and MX records for e-mail migration
mail1           IN      A       xxx.xxx.xxx.xxx
                IN      MX      10 mail1.example.com.
; email         IN      CNAME   email.secureserver.net.


[EMAIL PROTECTED] root]# service named reload
Reloading named:                                           [  OK  ]
[EMAIL PROTECTED] root]# tail -1000 /var/log/messages | grep "named\["

Apr 29 18:09:21 server named[16530]: loading configuration from 
'/etc/named.conf'

Apr 29 18:09:21 server named[16530]: no IPv6 interfaces found

Apr 29 18:09:21 server named[16530]: zone example.com/IN: loaded serial 
2006042902

[EMAIL PROTECTED] root]#


Verify DNS is working by executing nslookup/dig/host.  Example:
[EMAIL PROTECTED] root]# dig -t mx example.com

; <<>> DiG 9.2.3 <<>> -t mx example.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31889
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 4

;; QUESTION SECTION:
;example.com.               IN      MX

;; ANSWER SECTION:
example.com.        60      IN      MX      10 mail1.example.com.

;; AUTHORITY SECTION:
example.com.        60      IN      NS      ns1.example.com.
example.com.        60      IN      NS      ns1.example.com.
example.com.        60      IN      NS      ns2.example.com.

;; ADDITIONAL SECTION:
mail1.example.com.  60      IN      A       xxx.xxx.xxx.xxx
ns1.example.com.    60      IN      A       xxx.xxx.xxx.xxx
ns2.example.com.    60      IN      A       xxx.xxx.xxx.xxx
ns1.example.com.    60      IN      A       xxx.xxx.xxx.xxx

;; Query time: 12 msec
;; SERVER: xxx.xxx.xxx.xxx#53(xxx.xxx.xxx.xxx)
;; WHEN: Sat Apr 29 18:15:43 2006
;; MSG SIZE  rcvd: 178

[EMAIL PROTECTED] root]#



Send an e-mail from an account on the new server to the domain being 
migrated and check for delivery to the correct mail server.  View mail 
on server using web interface.
[EMAIL PROTECTED] root]# echo "test of new mail server" | mail -s "test 1" 
[EMAIL PROTECTED]

[EMAIL PROTECTED] root]#

Command
tail -100f /var/log/qmail/current | tai64nlocal | grep delivery
Output

2006-04-29 18:19:59.374196500 starting delivery 1038: msg 10422667 to 
remote [EMAIL PROTECTED]
2006-04-29 18:19:59.911565500 delivery 1038: success: 
xxx.xxx.xxx.xxx_accepted_message./Remote_host_said:_250_OK_id=1Fa0bP-00022U-Mz/


View new mail in webmail.



Monday Morning

Check all mail and retrieve mail from the old servers.  Then change mail 
server settings in the mail clients to the new mail server.  Get mail again.



Decommission the old mail server.


Restore DNS TTL to 3600 seconds.







Another procedure I used (2 weeks ago) was much simpler (QMail to QMT):
1 week before migration:
Set DNS TTL to 1800.
Create same accounts on new server.
NOTE: Ensure quotas are similar and spam protection is same.


Day of migration (Saturday):
Change DNS A and MX records to new IP address.


Sunday:
Copy old squirrelmail settings to new server.
Copy old mail to new system.


Tuesday:
Copy over any remaining non-spam mail to new system.


1 week later:
Decommission old server.
Change TTL to 3600.



Notes:

Spammers will continue hitting the old server DAYS later, even with a 30 
min TTL on the A and MX records.  Since most of the spam coming in is 
coming from residential users, I must conclude that Windows XP does not 
honor DNS TTL settings.  Anyone care to comment?




George Toft, CISSP, MSIS
623-203-1760




Naveen wrote:

Dear list,


 

Presently my company using ALT N MDaemon , and we would like to change 
our mail server to Qmail Toaster.


I already installed Qmail with QMT-ISO.


 

Can some one suggest me that the best way to change over to qmail from 
Mdaemon with out down time or may be less down time.



 

 


Regads,

Naveen



---------------------------------------------------------------------
    QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to