High Availability Mail Server Setup (Postfix + HAProxy + Replication) on Ubuntu 22.04
Introduction
In production, one single mail server is risky.
If it fails, all email services go down.
To avoid downtime, companies use High Availability (HA) setups.
In this guide, we will build a HA mail system using Postfix, Dovecot, HAProxy, and Replication on Ubuntu 22.04.
Architecture Overview
- Two Postfix + Dovecot servers → handle mail processing and store user mailboxes.
- One HAProxy server → load balances requests between mail servers.
- Replication → keeps mailboxes identical across both servers.
- DNS MX records → point to HAProxy for high availability.
Mail flow: User → HAProxy → Mail Server 1 or Mail Server 2.
Step 1: Prepare Servers
We need:
- 2 x Mail Servers (Postfix + Dovecot) → mail1.bitscentric.local, mail2.bitscentric.local
- 1 x HAProxy Load Balancer → haproxy.bitscentric.local
Step 2: Install Postfix + Dovecot on Mail Servers
Run on both mail1 and mail2:
sudo apt update
sudo apt install -y postfix dovecot-core dovecot-imapd dovecot-pop3d
Configure Postfix (/etc/postfix/main.cf):
myhostname = mail1.bitscentric.local # change on mail2 to mail2.bitscentric.local
mydomain = bitscentric.local
myorigin = $mydomain
home_mailbox = Maildir/
inet_interfaces = all
Configure Dovecot (/etc/dovecot/conf.d/10-mail.conf):
mail_location = maildir:~/Maildir
Step 3: Setup Mailbox Replication
We will use Dovecot dsync (recommended) or rsync to replicate mailboxes.
Edit Dovecot config (/etc/dovecot/conf.d/10-master.conf):
service replicator {
unix_listener replicator-doveadm {
user = dovecot
}
}
Enable dsync replication (run on both servers):
doveadm sync -u user1@bitscentric.local tcp:mail2.bitscentric.local
Set up cron job for automatic sync:
*/5 * * * * doveadm sync -A tcp:mail2.bitscentric.local
Step 4: Install HAProxy on Load Balancer
sudo apt update
sudo apt install -y haproxy
Edit HAProxy config (/etc/haproxy/haproxy.cfg):
frontend smtp_frontend
bind *:25
mode tcp
default_backend smtp_backend
backend smtp_backend
mode tcp
balance roundrobin
server mail1 mail1.bitscentric.local:25 check
server mail2 mail2.bitscentric.local:25 check
frontend imap_frontend
bind *:143
mode tcp
default_backend imap_backend
backend imap_backend
mode tcp
balance roundrobin
server mail1 mail1.bitscentric.local:143 check
server mail2 mail2.bitscentric.local:143 check
frontend imaps_frontend
bind *:993
mode tcp
default_backend imaps_backend
backend imaps_backend
mode tcp
balance roundrobin
server mail1 mail1.bitscentric.local:993 check
server mail2 mail2.bitscentric.local:993 check
Step 5: Restart Services
On mail servers:
sudo systemctl restart postfix dovecot
On HAProxy server:
sudo systemctl restart haproxy
Step 6: Configure DNS
Set MX record for domain bitscentric.local to point to HAProxy:
bitscentric.local. IN MX 10 haproxy.bitscentric.local.
Step 7: Testing High Availability
- Send email to
user1@bitscentric.local. - HAProxy will forward request to mail1 or mail2.
- Stop mail1 → mail2 still handles requests.
- Mailboxes stay in sync using dsync.
Benefits of High Availability Mail Server
- No single point of failure – if one server fails, another works.
- Better performance – HAProxy balances the load.
- Mailbox replication – user mails are safe and available on both servers.
- Scalability – easy to add more mail servers.
- Production ready – enterprise-level design.
Best Practices
- Use SSL/TLS on Postfix, Dovecot, and HAProxy for secure communication.
- Implement SPF, DKIM, DMARC DNS records for email delivery.
- Monitor logs (
/var/log/mail.logand/var/log/haproxy.log). - Set up backups for mailbox store and MySQL database.
- Test failover regularly by shutting down one mail server.
Conclusion
We have successfully built a High Availability mail server setup with Postfix + Dovecot + HAProxy + Replication on Ubuntu 22.04.
This design ensures emails are always available, load is balanced, and no single failure can stop your mail service.
This is the kind of setup used in real-world companies for production mail servers.