RE: [IMail Forum] Off Topic - Dual Connections

2009-01-26 Thread Patrick Childers
 >...The second will never be looked at as long as DNS can find the first...

In a perfect world - Yes. Unfortunately, spammers love secondary's as much
(if not more) than the primary. ;-)

~Patrick

 

-Original Message-
From: imail_forum-ow...@list.ipswitch.com
[mailto:imail_forum-ow...@list.ipswitch.com] On Behalf Of Jim Pearce
Sent: Sunday, January 25, 2009 3:31 PM
To: Imail_Forum@list.ipswitch.com
Subject: Re: [IMail Forum] Off Topic - Dual Connections

That is correct, make the secondary something like 10 and the primary
something like 5. The second will never be looked at as long as DNS can find
the first...






To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html



Re: [IMail Forum] Off Topic - Dual Connections

2009-01-25 Thread Jim Pearce
That is correct, make the secondary something like 10 and the primary 
something like 5. The second will never be looked at as long as DNS can find 
the first...



- Original Message - 
From: "Sanford Whiteman" 

To: "Kevin Rogers" 
Sent: Sunday, January 25, 2009 1:54 PM
Subject: Re: [IMail Forum] Off Topic - Dual Connections



my MX record and then in my A record add "backup.mydomain.com" to point
to the RCN static IP?  I would set that up with a higher priority number
so it only gets accessed when my primary MX record (which points to my
Covad IP) is down.  Would that work?


For inbound, yes, since MX failover is built in to the MX algorithm).

The bigger problem is outbound mail. Even if you manage to get working
dead  gateway  detection so that outbound packets go out your RCN link
if  Covad  is  down  (many  cheapish  routers  can make sure this part
works),  you  have to make sure that the mailserver's public IP on the
RCN  link  has a PTR record matching its HELO -- and that PTR can't be
in  a  known  subscriber range or have be a suspicious subscriber-like
hostname (1-2-3-4-cable-consumer.rcn.net).

If  you can get the PTR-EHLO-A "roundtrip" working on your backup link
so  you  can have reliable outbound delivery in a failover state, then
you should be okay.

As  Darin  said,  this  does  not  account  for any attempt to balance
inbound  HTTP  over  the  2 links; if you can automate DNS updates (by
running  your  own DNS, or at least your own stealth primary DNS) this
can, albeit roughly, be accomplished.

And  I  don't disagree with the recommendation of just moving anything
this  sensitive  to  a  datacenter!  :)  But  there are indeed ways of
getting it done at home in a rough sense for a few $ (dual-WAN router,
Draytek  for  example).  Just  a matter of how much energy you want to
spend, and what kind of guarantees you can make to your clients.

--Sandy




Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: sa...@cypressintegrated.com

SpamAssassin plugs into Declude!
 http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/

Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail 
Aliases!

 
http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/
 
http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/


To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html



To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html



Re: [IMail Forum] Off Topic - Dual Connections

2009-01-25 Thread Sanford Whiteman
> my MX record and then in my A record add "backup.mydomain.com" to point
> to the RCN static IP?  I would set that up with a higher priority number
> so it only gets accessed when my primary MX record (which points to my
> Covad IP) is down.  Would that work?

For inbound, yes, since MX failover is built in to the MX algorithm).

The bigger problem is outbound mail. Even if you manage to get working
dead  gateway  detection so that outbound packets go out your RCN link
if  Covad  is  down  (many  cheapish  routers  can make sure this part
works),  you  have to make sure that the mailserver's public IP on the
RCN  link  has a PTR record matching its HELO -- and that PTR can't be
in  a  known  subscriber range or have be a suspicious subscriber-like
hostname (1-2-3-4-cable-consumer.rcn.net).

If  you can get the PTR-EHLO-A "roundtrip" working on your backup link
so  you  can have reliable outbound delivery in a failover state, then
you should be okay.

As  Darin  said,  this  does  not  account  for any attempt to balance
inbound  HTTP  over  the  2 links; if you can automate DNS updates (by
running  your  own DNS, or at least your own stealth primary DNS) this
can, albeit roughly, be accomplished.

And  I  don't disagree with the recommendation of just moving anything
this  sensitive  to  a  datacenter!  :)  But  there are indeed ways of
getting it done at home in a rough sense for a few $ (dual-WAN router,
Draytek  for  example).  Just  a matter of how much energy you want to
spend, and what kind of guarantees you can make to your clients.

--Sandy




Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: sa...@cypressintegrated.com

SpamAssassin plugs into Declude!
  http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/

Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases!
  
http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/
  
http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/


To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html



RE: [IMail Forum] Off Topic - Dual Connections

2009-01-25 Thread Todd Richards
Darin wrote:
"All in all, I'd advise putting the server in a hosting facility for more
reliable power, connectivity and security."


Kevin, we battled with something similar for close to a year (I probably
have some posts in the archive!)  We finally bit the bullet and moved the
mail and web server to a collocation center, and the only complaint that I
(and my boss who writes the checks) have is that I didn't do it sooner.

Todd




To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html



Re: [IMail Forum] Off Topic - Dual Connections

2009-01-25 Thread Darin Cox
Hi Kevin,

For mail this is an easier problem to fix.  Just set up two MX records in 
DNS, e.g. mx1.example.com and mx2.example.com, and have each pointing to a 
static IP from each provider.  Then if one is offline, mail servers should 
deliver to the other.

For web this is more difficult, and involves either load balancing that 
occurs outside of your address space from each provider, or detection of 
downed lines with a process to update DNS records to change the IP.  The 
latter is subject to TTL on the DNS records, though, which makes it less 
desirable.

All in all, I'd advise putting the server in a hosting facility for more 
reliable power, connectivity and security.

Darin.


- Original Message - 
From: "Kevin Rogers" 
To: 
Sent: Sunday, January 25, 2009 4:31 AM
Subject: [IMail Forum] Off Topic - Dual Connections


I am using Covad Wireless for my sole access provider for my server.
Lately, there have been problems connecting (radio interference between
my satellite and the receiver) and they have stated that it's their fault.

I've been thinking about an easy way to add another connection to my
router for those very few times that my Covad connection drops.  My
server is in my home and so I'm trying to connect my home network (RCN -
a cable provider in the Bay Area) to the server's router.

My RCN (home) account has 5 static IPs.   But setting up the DNS records
is a bit confusing.  I can't use the RCN static IP address in my MX
record obviously, but I don't have a domain like "mail.rcn.com" from RCN
- just the 5 static IPs.

Is it possible to use some random domain like "backup.mydomain.com" in
my MX record and then in my A record add "backup.mydomain.com" to point
to the RCN static IP?  I would set that up with a higher priority number
so it only gets accessed when my primary MX record (which points to my
Covad IP) is down.  Would that work?

Also, I have an A record that points to my Covad IP for http requests (I
host both my webserver and my mail server on the same box).  Since A
records don't have priority levels, if I add another A record pointing
to my RCN IP address, will http requests coming into my domain
automatically try the first IP address listed in the record list (in
this case Covad), or will it be random?  I would like www.mydomain.com
http requests to go through my Covad account if it's live, but my RCN
account if it's not.

Thanks
Kevin









To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html



To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html