Add another MX record on the domain DNS with a priority different (e.g. 10) from the main server (zero).
0 mx.example.com 10 mx2.example.com
Set up the server and install Postfix.
sudo apt update && sudo apt upgrade -y sudo apt install postfix -y
Choose Internet Site.
Enter the server’s name mx2.example.com.
Edit /etc/postfix/main.cf:
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination relay_domains = example.com myhostname = mx2.example.com mydestination = $myhostname, localhost, localhost.localdomain, mx2.example.com maximal_queue_lifetime = 10d relay_recipient_maps = hash:/etc/postfix/relay_recipients
Create or edit /etc/postfix/relay_recipients accordingly:
[email protected] OK [email protected] OK @example2.com OK
Create the relay_recipients.db and restart Postfix’ service.
sudo postmap /etc/postfix/relay_recipients sudo systemctl restart postfix
Optionally add the SSL/TLS certificate at /etc/postfix/main.cf:
smtpd_tls_cert_file=/etc/ssl/mx2.example.com/pubcert.pem
smtpd_tls_key_file=/etc/ssl/mx2.example.com/privkey.pem
smtpd_tls_security_level = may # or use encrypt to enforce
smtpd_tls_protocols = !SSLv2, !SSLv3 !TLSv1
smtpd_tls_loglevel = 1
Restart Postfix.
sudo systemctl restart postfix
On the PRIMARY SERVER add the IP of the secondary on the file /etc/postfix/main.cf:
smtp_fallback_relay = [200.200.200.200]:25
On the SECONDARY SERVER add the IP of the primary on the /etc/postfix/main.cf:
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 100.100.100.100
Restart both services:
sudo systemctl restart postfix