
From: James
Date: 10/1/19 4:28 PM
Topic: Hybrid Setup
Type: General Discussions

Hi Techs/ Devs,

Been a long time, hope you're all well.

Quick one for you, I'm not too sure if it's by design or if there is an option to add to the server.properties file but I need a way to not have emails accumulate in users' folders after the primary server is back up. Let me explain further;

Primary Server = mx record highest priority

Secondary Server = mx record lowest priority

So as per the above all the emails are coming through to the primary server fine. Now if we stop the Xeams service on the primary server the second server handles mail fine - all good.

Now as the downstream server is the Primary server once the Primary server comes up all emails empty from the outbound queue back into the Primary server fine so all good there too.

That is as far as we need the setup to be.  Presently all emails remain stored in the user folders on the secondary server even if they all get delivered to the primary server when it is back up. 

I understand this is what makes the setup 'redundant' but this is not required once the Primary server is back up.
Having copies and copies of emails mounting up on the secondary server every time there is an outage even after they are all pushed downstream doesn't make any sense at all.

Is there a setting I can apply to simply delete all emails from user folders once the downstream (primary) server is back up and all the outbound queue has been flushed?

Many Thanks,

James


From: James
Date: 10/1/19 4:34 PM
Topic: Hybrid Setup
Type: General Discussions

Just building up on the above slightly;

Primary Server is in firewall mode
Secondary Server is in SMTP mode with downstream configured as the Primary in the domains section.

Clustering is not in use as it brings no real benefit or solution to the objective in question (flushing emails from secondary server).

Thanks, James


From: Synametrics Support
Date: 10/1/19 4:44 PM
Topic: Hybrid Setup
Type: General Discussions

James,

Something does not add up. Why is your Primary running in "Firewall" and the Secondary in "Stand alone"? Is there any other server AFTER the primary?

Could you please confirm if the following image is correct:

 

Internet --> Primary --> Exchange

Internet --> Secondary --> Primary --> Exchange

 

If the above flow is correct, both should be in Firewall Mode and you can set the Message Retention period to a small value (let's say 10 days). In this case, Xeams will automatically delete messages after 10 days.

 

 


From: James
Date: 10/1/19 7:12 PM
Topic: Hybrid Setup
Type: General Discussions

Hi,

Yes, the image is spot on. The Secondary only ever gets email when the primary is down due to MX records.

But if the Secondary is in firewall mode how is Xeams going to accept the message in the first place if the Primary server is down since it only proxies the connection?

I was under the impression that in firewall mode the secondary server (exchange) MUST be up? Hence if the Primary Xeams server is down how will the Secondary Xeams server connect to it to proxy the connection?

 

Many thanks.

 


From: Anonymous
Date: 10/1/19 7:15 PM
Topic: Hybrid Setup
Type: General Discussions

Another thing to note; if the Secondary server is in Firewall mode, how would it check with AD to make sure the user exists?  The whole Primary site is down?

Do you mean by creating users in firewall mode and rejecting unknown users? I thought Firewall mode only works on a proxy basis?


From: Anonymous
Date: 10/2/19 8:53 AM
Topic: Hybrid Setup
Type: General Discussions

Hi again,

Just to confirm that I have tested your setup and as expected it doesn't work. Telnetting the port or emailing the server returns Xeams Server Temporarily out of service (you can't proxy if your primary Xeams is down).

I think there is a misunderstanding. Let me further clarify;

TTL = 0 [mx1.test.com - xxx.xxx.xxx.xxx] -----> Primary Xeams in firewall mode -------> to Exchange

Now if the entire primary "site" is down which includes the internet connection, the BELOW applies AND WORKS;

TTL = 10 [mx2.test.com - yyy.yyy.yyy.yyy]  ----> Secondary Xeams (email stored in User folder AND outbound queue)

WHEN Primary Site is back up the BELOW applies;

Secondary Server attempts connection to Primary site every 5 minutes (Outbound Queue setting) ---> Primary Xeams in firewall mode back online ---> Proxy to Exchange

The above setup works Perfectly however when the email comes into the secondary server it is stored twice, once in the outbound queue waiting to be pushed to the Primary Firewall mode.
Storing the email in the user folder that is created to measure licensing AND the outbound queue is useless as the user never accesses the secondary SMTP. The user accesses the Exchange name space only and will never see the secondary Xeams server. The only reason a user has an account on the Secondary server is purely for licensing as there is no way to cross check with AD in the Primary site since it is down. So Firewall mode on both servers will simply not work.

My objective is for the email to arrive at the secondary site (which it does), keep the email in its outbound repository (which it does) WITHOUT storing it in the user's folder.
I can understand you will need to create the same users on the Secondary Xeams server for licensing and for the correct accepting of email and have no issues with that.
It's a trivial yet extremely versatile and redundant setup.

I can ask the devs to keep running a nightly script to flush the inbox file but it's a dirty solution to a simple problem - we just need either;

a) No storing of the email in user folders and just to keep a copy in the outbound queue after scanning for junk since users will never access the second Xeams machine.
b) Some sort of user retention policy that we can set to delete all email in user folders once the email is successfully passed onto the Primary Xeams server when it is back up.

I hope that makes things clearer.  Thanks!

James


From: James
Date: 10/2/19 11:47 AM
Topic: Hybrid Setup
Type: General Discussions

<Repeated below mistakenly posted as Anonymous earlier>

 

Hi again,

Just to confirm that I have tested your setup and as expected it doesn't work. Telnetting the port or emailing the server returns Xeams Server Temporarily out of service (you can't proxy if your primary Xeams is down).

I think there is a misunderstanding. Let me further clarify;

TTL = 0 [mx1.test.com - xxx.xxx.xxx.xxx] -----> Primary Xeams in firewall mode -------> to Exchange

Now if the entire primary "site" is down which includes the internet connection, the BELOW applies AND WORKS;

TTL = 10 [mx2.test.com - yyy.yyy.yyy.yyy]  ----> Secondary Xeams (email stored in User folder AND outbound queue)

WHEN Primary Site is back up the BELOW applies;

Secondary Server attempts connection to Primary site every 5 minutes (Outbound Queue setting) ---> Primary Xeams in firewall mode back online ---> Proxy to Exchange

The above setup works Perfectly however when the email comes into the secondary server it is stored twice, once in the outbound queue waiting to be pushed to the Primary Firewall mode.
Storing the email in the user folder that is created to measure licensing AND the outbound queue is useless as the user never accesses the secondary SMTP. The user accesses the Exchange name space only and will never see the secondary Xeams server. The only reason a user has an account on the Secondary server is purely for licensing as there is no way to cross check with AD in the Primary site since it is down. So Firewall mode on both servers will simply not work.

My objective is for the email to arrive at the secondary site (which it does), keep the email in its outbound repository (which it does) WITHOUT storing it in the user's folder.
I can understand you will need to create the same users on the Secondary Xeams server for licensing and for the correct accepting of email and have no issues with that.
It's a trivial yet extremely versatile and redundant setup.

I can ask the devs to keep running a nightly script to flush the inbox file but it's a dirty solution to a simple problem - we just need either;

a) No storing of the email in user folders and just to keep a copy in the outbound queue after scanning for junk since users will never access the second Xeams machine.
b) Some sort of user retention policy that we can set to delete all email in user folders once the email is successfully passed onto the Primary Xeams server when it is back up.

I hope that makes things clearer.  Thanks!

James


From: Synametrics Support
Date: 10/3/19 9:57 AM
Topic: Hybrid Setup
Type: General Discussions

James,

From your description, I gather there is a confusion between Modes (Stand-alone, Hybrid, Firewall) and Server types (SMTP Proxy and Regular SMTP). These are two different concepts and you don't have to use the SMTP Proxy server when using Xeams in Hybrid/Firewall mode.

I see you're using the SMTP Proxy server on both Primary and Secondary MX. That is the reason why you get Server Temporarily out of service when the next server is down.

This is what I recommend:

  • Don't use SMTP Proxy server. Use the regular SMTP Server. Check https://www.xeams.com/SwitchingProxy2Regular.htm for instructions on how to switch. This will alleviate the dependency of the primary server from the secondary.
  • Use Xeams in Firewall mode, not Hybrid. This ensures the User Repository in Xeams does not get filled.

This will meet both of your requirements.

Additionally, I recommend you run Xeams in Clustering mode. What is the reason for not using this feature? This will have additional benefits:

  • Both Primary and Second Xeams should forward their emails to Exchange
  • If Primary Xeams goes down, emails will go to your Exchange through Secondary Xeams
  • You will always be able to search messages from Primary. None of your users should connect to the web interface of the Secondary.

From: James
Date: 10/3/19 12:24 PM
Topic: Hybrid Setup
Type: General Discussions

Hi,

Thanks for getting back to me.

There seems to be a slight misunderstanding. Let me clarify a little bit more;

1) The Primary Xeams server is in SMTP proxy / Firewall mode - this is because Exchange sits behind it and users connect to Exchange for outbound sending [smart hosts is not an option]
2) The secondary Xeams server is already in SMTP server mode with the Spam firewall enabled however; This server isn't in the same location as the primary server. So;

When email doesn't get through to the Primary server because of an mx timeout on the connection, it will immediately try the second mx which is the Xeams server at the remote site.
The other Xeams server receives the email and filters it fine and the settings used are Server Mode = SMTP / Server Type = Firewall and Domain = the Primary Xeams server IP.

However;
I have changed the outbound queue time to 5 minutes so the secondary Xeams server is constantly trying to push it to the primary site. From what I understand I will need to create the same users that exist on the Exchange server at Secondary Xeams SMTP server for licensing and rejection of unknown users as accepting all users would cause licensing issues and obviously AD cannot be reached as the Primary site is down etc. So I have done this.

The issue is when you look at the user folders on the secondary Xeams server you will find that every time an email arrives for that user the inbox.hdr or .xdt (I can't remember) grows a little.
A filtered copy is also stored in the outbound queue waiting to be pushed back to the Primary server. I have set this to 5 minutes so that's no issue.

The objective is that when emails arrive at the Secondary site, they are not copied once to the user folder and once to the outbound queue - they only need to go to the outbound queue as those folders (inbox, sent, junk, etc.) will never be accessed. Users ONLY connect to the local exchange server on the primary site. The Secondary Xeams server also never connects to Exchange either. It simply forwards email to the Primary Xeams server. The Secondary Xeams server cannot connect to the Exchange server anyway because the NAT connection and FW rules can only forward port 25 to ONE device which happens to be the Primary Xeams server, so the Primary Xeams server MUST be the first point in for all other remote Xeams installations anywhere in the world which then forwards to the Exchange server.


I could be wrong here but maybe the user folders automatically get emptied after a given time?

I hope that makes it a little clearer.   Many many thanks.

James


From: Synametrics Support
Date: 10/4/19 7:01 AM
Topic: Hybrid Setup
Type: General Discussions

You wrote:

The issue is when you look at the user folders on the secondary Xeams server you will find that every time an email arrives for that user the inbox.hdr or .xdt (I can't remember) grows a little

This will only happen when Xeams is running in Hybrid Mode. Switch it from Hybrid to Firewall mode and it won't make a copy to *.hdr or *.xdt.

 

 


From: James
Date: 10/4/19 12:03 PM
Topic: Hybrid Setup
Type: General Discussions

Ok, I will give it another try and see (although I have explained above a few times that the server is already in SMTP Server / Firewall Mode and not Hybrid mode)
Do I still need to create the users in Xeams on this server (Secondary) since AD cannot be reached?

Many Thanks, James


From: Synametrics Support
Date: 10/4/19 12:15 PM
Topic: Hybrid Setup
Type: General Discussions

James,

If you use Clustering, users will be synchronized by Xeams. However, if you don't use Clustering, you will have to create users on the secondary Xeams manually.

Now since you don't have access to AD from the secondary Xeams, I recommend you create local users and NOT use AD for authentication. This way both Xeams will detach themselves from AD and they will work.
