.@ Tony Finch – blog

A couple of days ago, one of the departmental email servers trashed a disk and it has been down ever since. They seem to be having some trouble getting it going again. I’ve spent much of today carefully putting together some emergency arrangements for their email.

Firstly, we have to replace the “special route” which sends email to their broken server with a rule that says to just leave the email on the queue. This is so that we can add other rules which do more interesting things, but without changing the basic behaviour. In our configuration, special routes take precedence over most other rules which is why it has to be removed.

kaboom_defer:
  driver		= redirect
  domains		= kaboom.cam.ac.uk
  data			= :defer: email server is currently unavailable
  allow_defer
This changes ppswitch's behaviour slightly, because it will now temporarily reject messages from outside the University instead of accepting and queueing them. So we also need a special router which is less strict about recipient verification for the broken server: 
kaboom_accept:
  driver		= accept
  verify_only
  domains		= kaboom.cam.ac.uk
They are quite lucky in that many of their email addresses have the form crsid@kaboom, and many of their users have Hermes accounts. So a useful thing to do is to spot addresses belonging to Hermes users and send the email there rather than to the broken server. However it isn't as simple as that: if the Hermes user has a filter that redirects their email back to the broken machine, this special arrangement would create a loop. So it only sends messages to Hermes if they didn't come from Hermes... 
kaboom_hermes:
  driver		= redirect
  domains		= kaboom.cam.ac.uk
  local_parts		= +hermes_active
  condition		= ${if !match{$sender_host_name}{cyrus-[0-9]+[.]csi[.]private[.]cam[.]ac[.]uk} }
  data			= $local_part@hermes.cam.ac.uk
  forbid_blackhole
  forbid_file
  forbid_include
  forbid_pipe
  check_ancestor
  retry_use_local_part
Finally, their head of department wants email sent to hod@kaboom.cam.ac.uk to still work during the outage. Rather than create another special-case hack, I just created a managed mail domain for them (i.e. our standard alias-file-based virtual domain setup) which can define temporary arrangements for their non-crsid addresses. So hod@kaboom now goes to the professor's Hermes account.

What fun!