Backup MX configuration

I created a backup mail server according to the documentation and I have the impression that I probably did something wrong. I created a new server with Virtualmin GPL, configured it and finally used “virtualmin syncmx-domain --all-domains”. The “/etc/postfix/relay_recipients” file was filled on the backup server. But I assumed that on the primary server the virtual server templates for the DNS zone file for would be automatically filled with the DNS record for the backup mail server and that the DNS zone record’s would be automatically regenerated for all existing virtual servers. However, this did not happen. Is this the standard situation, or did I do something wrong? And I would have one more question. Why is it necessary to install Virtualmin on the backup MX server as well? Wouldn’t just installing Webmin, like “Slave DNS configuration”, be enough? The point is that ports that we don’t need are opened, and that Apache cannot be disabled in Virtualmin. It seems like a lot of unnecessary ballast in this case. There must be some justification for this, so I’d like to know why. It just seems like a “gun on sparrows” to me. THX for answer.

I can’t answer your problem but almost everything can be disabled in Virtualmin.

image1357×672 65 KB

Maybe Ilia Ross who wrote the article can help.

Seems reasonable.

There was just a discussion about having different install levels for VM. I’m not sure where that stands but I think there is already a minimal? Check the docs.

Just to tease out the main problem, no secondary MX records were created? I don’t have access to VM Pro but the docs clearly indicate that should have happened if you followed the steps.

Additional MX record: An extra MX record with a lower priority than the primary is created.

I don’t know where in the process it should have happened, but this looks like the likely spot?

Apply to existing domains: Optionally, select Add all existing mail domains to secondary MX servers if you want to apply this to existing domains.

I did this step, but without effect.

And did this too. And too without effect.

This is my select on default server:

image1920×1080 202 KB

And this is default server response:

image1920×1080 125 KB

And I have problem with this. I don’t want web server enabled on bakup MX and slave DNS servers.

Even if it won’t let you remove it you should be able to stop it and keep it from restarting at boot up.

image1502×212 36.9 KB

As to why the secondary MX records weren’t added to the DNS, that’s more an staff question. I’d open a ticket since this is a pro feature.

I think the new version of Virtualmin has creates a dummy “virtual server” so it can get a ssl for the hostname. In webmin is that virtual server in apache?
I’m note sure there away around it, if you disable it somehow then the letsencrpt cert can’t be renewed for the hostname as it need a website running.

Yes, I can disable apache service, but why? Why do I must install this, if I don’t need it?

No. Nobody needs web server for this. Certbot standalone mode with http challenge working without http server installed on server.
That’s why I was wondering why for Slave DNS it is enough to have Webmin installed on the target server, but for Backup MX it must be Virtualmin installed on the target server. Not only Webmin.

Not sure what you mean by that, DNS challenge works without webserver, you need a webserver for http challenge.

Certbot spins up a web server in that mode so it will work and apply the certificate

Ok, so its a special config of certbot. Gotcha. That’s a new one to me. I guess I’ve always let virtualmin do thats stuff.
So then how do you then install virtualmin without it creating a dummy “Virtual Server” for the hostname so to disable apache.

You don’t need to install virtualmin, webmin will do what the OP wants to do

Yep, but he is using the doc

where virtualmin is the backup. With webmin as backup he will need different docs.

This might help to do it with virtualmin using a very minimal stack.