DR Email

General eFa discussion
Post Reply
TheTodd2
Posts: 2
Joined: 30 Nov 2016 01:15

DR Email

Post by TheTodd2 »

I use EFA for the main incoming filtering for email, then it sends the mail to the desired server per domain. However, i also have a DR sendmail box at a different location that will accept email at a higher MX priority if EFA isn't online. There is a VPN between the DR site and the main site and the DR sendmail box forwards the mail for accepted domains back to the EFA when it comes back online.

However, I'm seeing that mailwatch and the other scanners on the EFA are actually scanning and looking up the validity of the internal IP address of the DR email system instead of the next source address. As such, any spam that reaches DR is then delivered to EFA and then delivered to the end user without proper scanning.

In Barracuda there was a way to tell the system that if mail is received from a certain IP, to skip that "received from" header and move onto the next section (the actual WAN IP of the source mail) and process the scans on there.

Is there such a feature within EFA?
User avatar
darky83
Site Admin
Posts: 540
Joined: 30 Sep 2012 11:03
Location: eFa
Contact:

Re: DR Email

Post by darky83 »

Why not use 2 efa boxes?
A 'good' setup would be to have an EFA (or any other spam filter..) on your DR site also, which sends accepted mails over an VPN to your mail server directly.
It is a bad practise to cache/relay messages on a single location and forward that to a spam filter (doesn't matter if this is EFA or any other spam filter), as items as RBL checks/SPF etc won't work, so this is a really bad way of handling your mail flow.

So an option like this is not something we would want to build in as it will limit the effect of a spam filter, better would be to change the way you handle your DR mail flow.
Version eFa 4.x now available!
TheTodd2
Posts: 2
Joined: 30 Nov 2016 01:15

Re: DR Email

Post by TheTodd2 »

The main reason I wanted the setup as was, is due to the nature of per user spam checking.

However, I have gone through and configured a cluster of 2 EFA's (3.0.1.5) at the same site using a centralized MySQL DB. I am aware that future updates may break the systems, but I will look at upgrades and make the changes as needed to make sure the system keeps working.

Now with that being said, I am having issues with the RPC between the 2 systems - If email is processed on EFA1, I can't view the details on EFA2, and reverse.

The error I'm receiving is "XML-RPC Error: Didn't receive 200 OK from remote server. (HTTP/1.1 302 Found)"

I have changed the /var/www/html/mailscanner/conf.php and defined the allowed RPC servers for each with the internal IPs. I have even enabled the RPC_SSL and set to true on both servers. I have also host records on each server to help find the other using the internal IP addresses.

Outside of doing the above, I'm not sure what else to change. Any thoughts?
Post Reply