OETIKER+PARTNER AGO+P InsightsOETIKER+PARTNER AGO+P InsightsEvery now and then I run into a situation where a site is cut-off from its usual internet connection. Often it is quite simple to jury rig a replacement internet connection. And quite quickly local access is fine again except for some loss in performance.
It gets a bit more complicated if there is a local mail server involved. The replacement internet link will in all likelihood not provide the same static IP as the original link, maybe not even a static IP at all.
If you have an off site secondary mailserver, the problem is pretty simple to solve. Create a reverse ssh tunnel from the primary (cut off) mail server to the secondary mail server.
primary$ ssh -f -o ServerAliveInterval=10 -R 12345:localhost:25 secondary sleep 31622400
On the secondary use a transport map to tell it of the new connection to the primary.
secondary# cat <<MAP >/etc/postfix/tranport
mydomain.ch smtp:[127.0.0.1]:12345
MAP
secondary# postmap /etc/postfix/tranport
Make sure the transport map is listed in /etc/postfix/main.cf of the secondary. And while you are at it, make sure mail does not bounce. This might be a good thing on the primary server as well.
transport_maps = hash:/etc/postfix/transport
soft_bounce = yes
Finally restart postfix, and flush the queue. Beware of mail loops and refusals.
Free port 25 access is becoming more and more of a problem, so if your backup link toes not allow your mailserver to send mail out, you may want to do the sending via ssh tunnel as well.
primary$ ssh -f -o ServerAliveInterval=10 -L 54321:localhost:25 secondary sleep 31622400
Setup a transport map on the primary mailserver, telling it to send all messages to the secondary for delivery.
primary# cat <<MAP >/etc/postfix/tranport
mydomain.ch :
* smtp:[127.0.0.1]:54321
MAP
primary# postmap /etc/postfix/tranport
Again make sure the transport map and soft bounces are active in the primaries main.cf and then restart postfix and flush the queue.
NOTE: The content of this website is accessible with any browser. The graphical design though relies completely on CSS2 styles. If you see this text, this means that your browser does not support CSS2. Consider upgrading to a standard conformant browser like Mozilla Firefox, Opera, Safari or Konqueror for example.