Postfix high availability keeps SMTP intake available during node outages and maintenance by moving a single service endpoint between cluster members. A floating IP keeps inbound routing stable so clients do not track individual node addresses.
In a Pacemaker cluster managed through pcs, Postfix is registered as a systemd resource and paired with a floating IP resource that provides the SMTP entrypoint. Grouping the resources enforces order so the IP comes up before Postfix starts and drops only after the service stops.
Failover does not merge mail queues. Each node keeps its own queue under /var/spool/postfix, so messages queued on a failed node wait until that node returns unless storage is shared or replicated. Keep configuration, TLS keys, and maps synchronized across nodes, and expect in-flight SMTP sessions to reset during failover.
Steps to set up Postfix high availability with PCS:
- Confirm the cluster is online with quorum.
$ sudo pcs status Cluster name: clustername Cluster Summary: * Stack: corosync (Pacemaker is running) * Current DC: node-01 (version 2.1.6-6fdc9deea29) - partition with quorum * Last updated: Thu Jan 1 04:43:27 2026 on node-01 * Last change: Thu Jan 1 04:43:25 2026 by root via cibadmin on node-01 * 3 nodes configured * 0 resource instances configured Node List: * Online: [ node-01 node-02 node-03 ] Full List of Resources: * No resources Daemon Status: corosync: active/enabled pacemaker: active/enabled pcsd: active/enabled
- Identify the Postfix service unit name.
$ systemctl list-unit-files --type=service | grep -E '^postfix\.service' postfix.service enabled enabled
- Stop the Postfix unit on every cluster node.
$ sudo systemctl stop postfix
Stopping Postfix interrupts SMTP intake until the clustered resource is started.
- Disable the Postfix unit on every cluster node.
$ sudo systemctl disable postfix Synchronizing state of postfix.service with SysV service script with /usr/lib/systemd/systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install disable postfix Removed "/etc/systemd/system/multi-user.target.wants/postfix.service". Synchronizing state of postfix.service with SysV service script with /usr/lib/systemd/systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install disable postfix Removed "/etc/systemd/system/multi-user.target.wants/postfix.service". Synchronizing state of postfix.service with SysV service script with /usr/lib/systemd/systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install disable postfix Removed "/etc/systemd/system/multi-user.target.wants/postfix.service".
Pacemaker starts the unit during failover, so disabling prevents an unmanaged auto-start at boot.
- Create a floating IP resource for the SMTP endpoint.
$ sudo pcs resource create smtp_ip ocf:heartbeat:IPaddr2 ip=192.0.2.25 cidr_netmask=24 op monitor interval=30s
- Create the Postfix service resource.
$ sudo pcs resource create smtp_service systemd:postfix op monitor interval=30s
Related: How to create a Pacemaker resource
- Group the IP resource with the Postfix resource.
$ sudo pcs resource group add smtp-stack smtp_ip smtp_service
- Verify the resource group placement.
$ sudo pcs status resources * Resource Group: smtp-stack: * smtp_ip (ocf:heartbeat:IPaddr2): Started node-01 * smtp_service (systemd:postfix): Started node-01 - Confirm the floating IP is present on the active node.
$ ip -4 address show | grep -F '192.0.2.25/24' inet 192.0.2.25/24 brd 192.0.2.255 scope global secondary eth0 - Check that Postfix is listening on TCP port 25 on the active node.
$ sudo ss -lntp | grep ':25 ' LISTEN 0 100 0.0.0.0:25 0.0.0.0:* users:(("master",pid=2314,fd=13)) LISTEN 0 100 [::]:25 [::]:* users:(("master",pid=2314,fd=14))A restricted inet_interfaces setting can bind Postfix to a specific address instead of 0.0.0.0.
- Run a failover test for the resource group.
Failover tests can reset in-flight SMTP sessions and delay mail delivery.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
