Re: [exim] Exim Mirror or Backup Solution

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users @ exim. org
Subject: Re: [exim] Exim Mirror or Backup Solution
Burhan Khalid wrote:
> Hello Everyone:
>
> We have the current setup running perfectly:
>
> Exim 4.52 on RHEL 2.4.21-4.0.1 (this is a cpanel box, not sure if
> this makes a difference with my question). There is also a POP3 and
> IMAP server running on this box.


I don't know if cpanel is flexible enough for all this; you may need
to dive in and do manual configuration.

>
> This computer is located in a data center in US and in addition to
> Exim, runs various other services. Our main offices are Kuwait. I
> would like to setup Exim on one of our local servers here such that :
>
> 1. The local Exim server holds backup of all emails sent/recieved
> from the "main" server.


Purely for backup purposes? No user access needed?
Have (whatever equivalent of) users' .forward files
always specify the backup-collector account. Or
take a copy of every item by using an "unseen" router.

> 2. Local delivery takes places without a trip to the US over the
> Internet. Internet is not very reliable in Kuwait (also is very
> expensive).


Maintain a register of user "home location". Sync this to all
sites. Use it to route all mails.

>
> 90% of my users are in our local office, but I do have a few road
> warriors (10) and have an average of 5 to 7 users in the field sending
> and recieving messages.


Provide remote users with access via IMAP and SMTP-AUTH (on
both port 587 and 25). Don't permit non-Auth SMTP for
senders claiming to be your own people. Enforce
use of TLS (on both SMTP and IMAP) if you can; offer connect-time-SSL
SMTP on 465 if you must in order to support stupid MUA software.

Offer POP if you must, again, TLS preferred.

Embed an AV-scanning package.



> Can someone please point me in the right
> direction to setup a solution that solves this problem? I searched
> myself, but I'm not sure if the fetchmail-to-IMAP-store solution will
> help me here.


> Mainly I'm concerned about the remote users (these
> people travel alot). I do not want to have a large delay between the
> time they send a message till the time that fetchmail kicks in and
> messages are available to the local users.


Rip out the fetchmail; run as many links as possible in the "push"
mode used by SMTP as possible. Leave "pull" to the last step,
dest-MTA to MUA, to IMAP.

> Also, I'm concerned with
> having to make redundant trips or fall into a loop where messages are
> being sent to the US server, fetched, then sent again (read about this
> in a recent thread).


Keep the home-location DB up to date.



Anyone else? What have I missed?

- Jeremy