How to Setup a Backup Mailbox - Simple Guide to an Affordable Solution

---

Email is a critical communication tool, and downtime in your email service can disrupt business or personal interactions. For users with an existing primary mailbox, setting up a backup mailbox on a shared hosting plan (with cPanel or Plesk) is an easy, affordable and manageable solution.

This guide provides a detailed walkthrough for email users and administrators to setup and configure a backup mailbox on a shared hosting plan. We will learn how to ensure continuous email delivery, even when your primary mailbox experiences downtime.

The Need for a Backup Mailbox

Imagine your primary email server, which hosts your main inbox (e.g., you@yourdomain.com and other email addresses such as sales@yourdomain.com, support@yourdomain.com, and so on), suddenly goes offline due to a technical issue, a server crash, network failure, or a routine maintenance. Without a backup system, emails sent to you@yourdomain.com and other email addresses during this outage, would bounce back to the sender, often with an error message indicating that the recipient's mailbox is unavailable. This can lead to missed opportunities, frustrated clients, and a tarnished professional image.

A backup mailbox acts as a safety net. When the primary server is unreachable, incoming emails are automatically redirected and held by the backup mail server. During the outage you can continue to function using your backup mail server to receive and send out emails. Once your primary mailbox is back online, you can revert back to the primary mail server — ensuring that no communication is lost. This concept is often referred to as email failover or redundancy.

Setting up an Affordable Backup Mailbox

For individuals and small to medium-sized businesses, leveraging a shared hosting plan is often the most affordable way to set up a backup mailbox. Most shared hosting providers offer email hosting as part of their packages. You can utilize an email account on a different hosting plan (separate from your primary host) as your backup. The key is that the backup mail server must be independent of your primary mail server — so that both do not go down at the same time.

Since you will occasionally require to use the backup mail box, it makes sense not to invest too much money on the backup email service. A backup mailbox on a shared hosting plan can act as an affordable secondary email storage system that receives and stores emails when your primary mailbox is down. While there are other more sophisticated ways of setting up and managing a backup mail server, they require technical complexities and are expensive. Hence, in this guide we will only focus only on a simple affordable solution.

How Emails are Routed to the Backup Mailbox

The magic behind email routing lies in DNS records, specifically MX (Mail Exchanger) records. Mail Exchanger (MX) records are a type of DNS records that specify which mail servers accept incoming mail for your domain and where those emails should be routed. When someone sends an email to you@yourdomain.com, their sending mail server performs a DNS lookup to find the MX records for yourdomain.com.

MX records are listed with a "priority" value, also known as "preference" or "distance". A lower number indicates a higher priority. For example:

Name	TTL	Type	Priority	Value (Destination)
yourdomain.com.	14400	MX	10	primary-mailserver.yourdomain.com.
yourdomain.com.	14400	MX	20	backup-mailserver.yourdomain.com.

In this scenario:

1. The sending mail server will first attempt to deliver the email to the mail server with the highest priority, which is primary-mailserver.yourdomain.com (priority 10).

2. If primary-mailserver.yourdomain.com is unreachable or reports a temporary failure, the sending mail server will then attempt to deliver the email to the next higher priority server, which is backup-mailserver.yourdomain.com (priority 20).

3. The backup mail server will deliver the mail to the corresponding inbox setup in the backup mail server.

4. Emails will stay in the inbox of the backup server, which you can access from the webmail interface provided by the backup server hosting plan.

5. Once the primary mail server becomes active again, future emails will be delivered to the primary mail server.

By configuring your MX records with a primary and a backup mail server, you create a failover mechanism that ensures email delivery even during primary server outages.

Prerequisites

Before you begin, ensure you have the following:

1. A Backup Hosting Account: First, you will need a backup mail host. This can be a shared hosting plan where you recreate all your email accounts as they are created at your primary mail server. For this guide, we will largely assume you are using another shared hosting account for the backup with a cPanel access for managing your hosting. We will also explain the procedure for a Plesk Panel which is quite similar.

   Purchase a basic Linux hosting plan with cPanel. This will serve as your secondary location for receiving emails when your primary server is not available.

2. Access to your domain's DNS settings: This is where you will modify your MX records and make some other additional DNS related entries. This is usually managed through your domain registrar or your primary hosting provider's DNS management interface. It is important to note that your domain's DNS must be configured on an independent DNS server and not on the same hosting server where your primary mailbox is hosted. This is necessary so that when your primary server goes down, your DNS is still working.

Configuration

1. Duplicate Your Email Accounts on the Backup Host

Re-create all your email accounts on the backup hosting account. On your newly acquired backup cPanel/plesk host, you will need to create the exact same set of email accounts that you have on your primary mail server. For instance, if you have you@yourdomain.com, sales@yourdomain.com, and support@yourdomain.com on your primary, create these same accounts on your backup host. This ensures that when mail is redirected, there is an inbox ready to receive it. For ease of use, you may create them with the same passwords as that of corresponding email accounts on your primary hosting server.

Follow one of the below steps depending upon which control panel you have for your backup host.

• Setting Up the Backup Mailbox in cPanel

  1. Log in to cPanel: Access your shared hosting account and navigate to the cPanel dashboard.

  2. Navigate to Email Accounts in cPanel.

  3. To Create an Email Account:

     • Click Create. Enter the desired email address such as you@yourdomain.com. Assign the same password as that of you@yourdomain.com on your primary server. Note the storage quota — ensure it is sufficient for storing emails during outages.

     • Click Create to save.

     Create all your email accounts this way.

• Setting Up the Backup Mailbox in Plesk

  Plesk is another popular web hosting control panel, often found on Windows servers but also available for Linux. The principles for setting up a backup mailbox are similar to cPanel, but the interface will differ.

  1. Log in to Plesk: Access your shared hosting account and navigate to the Plesk control panel.

  2. Navigate to Mail in Plesk.

  3. To Create an Email Account:

     • Go to Create Email Address.

     • Enter the desired email address such as you@yourdomain.com. Assign the same password as that of you@yourdomain.com on your primary server. Note the mailbox size — ensure it is sufficient for storing emails during outages.

     • Click OK to create.

     Create all your email accounts this way.

2. Configure MX Records for Failover

This is a crucial step for mail routing, as it tells the internet where to send your emails. Your domain's DNS must be configured on an independent DNS server, such as your domain registrar's DNS management or a dedicated DNS provider (like Cloudflare, Google DNS). Do not manage your DNS on the same host as your primary mail server, as an outage there would impact your DNS, preventing failover.

You will need access to your domain's DNS management console, where you will configure two MX records for your domain: one pointing to your primary mail server and another to your backup mail server.

1. Identify your primary mail server's hostname: This is usually provided by your primary hosting provider and might look something like mail.yourdomain.com or yourdomain.com itself if mail is handled directly by your primary hosting server. Your hosting provider's documentation or support can provide this. You will also be able to see this in your DNS management console under the MX records section — as this would already be setup.

2. Identify your backup mail server's hostname: This is the hostname of the server where you created the backup email account. It must be different from the mail server host name of your primary mail server. If it is not different, you will need to contact your hosting provider to provide you with an alternative FQDN (Fully Qualified Domain Name) for your backup mail server that is mapped to your domain on the same server. For the sake of this article we will assume it is mail.yourbackuphost.com.

3. Log in to your DNS Management console: Locate the section for MX Records or Mail Exchange Records.

4. Check the one already present MX record for your primary mail server. Note its priority value. It would typically be 0 (zero) or 10. Leave this MX record as it is.

5. Add a new MX record (for your backup mail server):

   • Record Type: MX
   • Host/Name: Your domain name (e.g., `yourdomain.com`)
   • Value/Points To: The hostname of your backup mail server (e.g., `mail.yourbackuphost.com`).
   • Priority: Set to a higher number (e.g., `20`) than the priority value set for your primary mail server.
   • TTL (Time To Live): Leave it at default value.

   Example MX Record Configuration:

   
       | Record Type | Host/Name         | Value/Points To          | Priority | TTL      |
       | ----------- | ----------------- | ------------------------ | -------- | -------- |
       | MX          | yourdomain.com.   | mail.yourdomain.com      | 10       | 1700     |
       | MX          | yourdomain.com.   | mail.yourbackuphost.com  | 20       | 1700     |
   	

   Note: Some DNS interfaces require a trailing dot after the domain name in the "Domain" field (e.g., `yourdomain.com.`).

DNS changes can take some time to propagate across the internet (this is known as DNS propagation), usually from 4 hrs to 24 hours, sometimes up to 48 hours. Wait for DNS propagation before proceeding further. You can check the propagation status using tools like whatsmydns.net or mxtoolbox.com.

3. Secure the Backup Mailbox

Most shared hosting plans include Let’s Encrypt SSL certificate which is free. You can take the help of your hosting provider support team to get this installed for your backup host so that during outage of your primary mail server, you can access the email accounts on this backup server securely.

Note that if your FQDN for the backup mail server is same as that for your primary mail server, you will be using an FQDN provided by your backup hosting provider such as mail.yourbackuphost.com. In that case mail.yourbackuphost.com would already be SSL secured. So you can skip this step.

If you would like to set this up yourself, here are the steps:

• In cPanel

  cPanel generally uses AutoSSL to automatically issue and renew SSL certificates for your domains, including mail subdomains (e.g., mail.yourdomain.com). While AutoSSL usually covers mail by default if your mail subdomain is pointed correctly, here is how to ensure it is specifically applied for mail:

  1. Log in to your cPanel account.

  2. Navigate to the Security section and click on SSL/TLS Status.

  3. On the SSL/TLS Status page, you will see a list of your domains and sub-domains.

  4. Look for your mail subdomain (e.g., mail.yourdomain.com).

  5. Ensure there is a green padlock icon next to it, indicating an active SSL certificate. If not, select the checkbox next to your mail subdomain and click Run AutoSSL. AutoSSL will attempt to issue or renew the certificate for the selected sub-domain(s). This process usually completes within a few minutes.

  6. Verify Mail Server Certificate: While AutoSSL covers the mail subdomain, the actual mail services (IMAP, POP3, SMTP) need to be configured to use this certificate.

     • In most modern cPanel setups, AutoSSL automatically configures the mail services to use the issued certificate for the primary domain and its subdomains (including mail).
     • To confirm, you can go to Email Accounts (under the Email section). When you set up a mail client, cPanel will provide the Secure SSL/TLS Settings. These settings should reflect your domain (e.g., mail.yourdomain.com) and the SSL-enabled ports (IMAP: 993, POP3: 995, SMTP: 465).
     • If you encounter issues, seek help from your hosting provider.

• In Plesk

  Plesk offers a straightforward way to secure your mail server with a Let's Encrypt certificate.

  1. Log in to your Plesk panel.

  2. Navigate to Tools & Settings (often found in the left-hand navigation or under Server Management).

  3. Under the Security section, click on SSL/TLS Certificates.

  4. If you haven't issued a Let's Encrypt certificate for your domain yet:

     • Click on the + Let's Encrypt button.
     • Enter your domain name (e.g., yourdomain.com) and a valid email address for notifications.
     • Ensure the "Include a 'WWW' subdomain for the domain and each selected alias" and "Secure webmail on this domain" (and potentially "Assign the certificate to the mail domain" if present) options are checked.
     • Click Install or Get it free.
     • Plesk will generate and install the certificate.

  5. To assign the certificate specifically to the mail server:

     • On the SSL/TLS Certificates page, look for the section "Certificate for securing mail".
     • Click on the [Change] link next to it.
     • In the drop-down list, select the Let's Encrypt certificate you just issued (it will likely be named something like "Lets Encrypt certificate (server pool)" or simply "yourdomain.com (Lets Encrypt)").
     • Click OK.

  Your mail server (IMAP, POP3, SMTP services) on Plesk will now use the chosen Let's Encrypt SSL certificate, ensuring secure communication for your email clients. Remember to configure your mail clients to use SSL/TLS with the secure ports (IMAP 993, POP3 995, SMTP 465). The incoming and outgoing mail server name should typically be mail.yourdomain.com or simply yourdomain.com if that's what the certificate covers.

4. Configure Mail Routing

Mail routing is an important setting for any domain that handles email, determining whether the server itself or an external service is responsible for processing incoming mail. This would already be setup for your primary mail server. You only need to set it up for your backup mail server.

Your backup mail server host should also be setup as a Local Mail Exchanger for mail routing. This means that when an email arrives on the backup host, it knows that there is an existing mailbox for the destination address in the mail and delivers the email to the locally existing mailbox.

• Setting up Local Mail Exchanger in cPanel

  cPanel provides a straightforward interface for managing mail routing.

  1. Log in to your cPanel account.

  2. Navigate to the Email section. Look for an icon or link labeled Email Routing or MX Entry.

  3. Select the Domain: If you have multiple domains on your cPanel account, use the dropdown menu to select the domain for which you want to configure mail routing.

  4. Choose Local Mail Exchanger:

     • Under the Email Routing section, you will usually see a few options. Select Local Mail Exchanger.
     • cPanel will often display a description explaining what this option does.

  5. Save/Change: Click the Change or Save button to apply the setting.

• Setting up Local Mail Exchanger in Plesk

  Plesk also offers a clear way to configure mail routing for your domains.

  1. Log in to your Plesk account.

  2. Go to Websites & Domains: In the left-hand navigation pane, click on Websites & Domains.

  3. Select the Domain: Click on the domain name for which you want to adjust mail settings.

  4. Access Mail Settings: Look for a section or tab related to Mail or Mail Settings. Click on it.

  5. Enable Mail Service and Set to Local:

     • On the Mail Settings page, you will typically find an option to Activate mail service on this domain or similar. Ensure this checkbox is ticked.
     • You might see a dropdown or radio button for Mail exchange. Select Mail exchange on this domain or Local mail exchanger. This explicitly tells Plesk to handle mail for the domain locally.

  6. Apply/OK: Click Apply or OK to save your changes.

It is important to note that both your primary mail server and your backup mail server are configured to act as Local mail exchanger in their own respective networks.

5. Configure SPF Record

During outage of your primary mail server, you would need to send emails from your backup mail server. Hence it is important to validate to the internet world that this second mail server is also a valid mail server for your domain. To do this is very simple - in your domain's SPF record you just need to add a minor entry and you are done.

Open your domain's DNS management interface. Go to the TXT Record section. The TXT record corresponding to SPF may look somewhat like this:

"v=spf1 mx ip4:192.185.73.1 mx:mail.yourdomain.com ~all"

Edit the SPF record to add an additional entry, viz. the IP address of your backup mail server. Say the IP address of your backup mail server is 201.299.129.120, your edited SPF record will become as below:

"v=spf1 mx ip4: 192.185.73.1 mx:mail.yourdomain.com ip4:201.299.129.120 ~all"

After editing the SPF record, allow for at least 4 hours for propagation of DNS changes and now you are ready to send out mails from the backup mail server as well. Note that once you have included your backup mail server in your SPF record, any email that you send out from this second mail server will also be treated as genuine and not marked as spam by the recipient mail servers.

6. Add DKIM Record for Backup Mail Server

DKIM (DomainKeys Identified Mail) is an email authentication method that uses cryptographic signatures to verify the sender and ensure the integrity of email messages. This helps prevent email spoofing and ensures your emails are less likely to be marked as spam. Your DKIM record for your primary mail server would already be setup in your DNS console. Here you only need to add another DKIM record for your backup mail server.

6.1 How to find your DKIM Record?

Here is a brief guide on how to find the DKIM record in cPanel or Plesk and how to make a record entry for it in your DNS management console:

The process for finding your DKIM record varies slightly depending on whether you are using cPanel or Plesk.

• In cPanel

  cPanel's Email Deliverability feature is where you will find your DKIM record.

  1. Log in to your cPanel account.

  2. Navigate to the Email section and click on Email Deliverability.

  3. You will see a list of your domains. Locate the domain you want to check and click the Manage button next to it.

  4. On the next page, scroll down to the DKIM section.

  5. Here, you will find the Suggested 'DKIM' (TXT) Record which includes the Name (often starting with default._domainkey or similar) and the Value (a long string of characters).

  6. Copy both the Name and the Value. You will need these to add the record to your DNS.

• In Plesk

  Plesk also provides a straightforward way to access your DKIM record.

  1. Log in to your Plesk control panel.

  2. In the left-hand menu, select Domains.

  3. Click on the domain name for which you want to configure DKIM.

  4. Navigate to the Mail tab, then select Mail Settings.

  5. If DKIM is not yet enabled for the domain, you might see an option like Use DKIM spam protection system to sign outgoing email messages. Check this box and click OK. Plesk will generate the necessary DKIM records.

  6. Once enabled, or if already enabled, you might see an option like How to configure external DNS or find the records directly under DNS Settings for that domain.

  7. You will typically find two DNS records related to DKIM:

     • One starting with default._domainkey. (this contains the public part of the key).
     • Another one like _domainkey. (this contains the DKIM policy).

  8. Copy the Host or Name (e.g., default._domainkey.yourdomain.com) and the TXT Value or Value for the record containing the long cryptographic string.

6.2 How to Make a DKIM Record Entry in the DNS Management Console?

Once you have the DKIM record (the Name and Value), you will need to add it to your domain's DNS records. Open your DNS management console and navigate to the TXT records section.

1. Look for an option to Add a new record or Create record.

2. You will typically need to provide the following information:

   • Type: Select TXT (Text Record). DKIM records are always TXT records.
   • Host/Name/Subdomain: Paste the Name part of the DKIM record you copied from cPanel or Plesk.

     Important Note: Some DNS providers automatically append your domain name. So, if your cPanel/Plesk DKIM name is default._domainkey.yourdomain.com, you might only need to enter default._domainkey in the Host/Name field. Check your DNS provider's specific instructions or try adding just the selector first.

   • Value/TXT Value/Text: Paste the long alphanumeric Value part of the DKIM record you copied. This is your public key.
   • TTL (Time To Live): This determines how long DNS resolvers cache the record. You can usually leave this as the default or set it to 3600 seconds (1 hour).
3. Save the new DNS record.

6.3 Important Considerations

• DNS Propagation: DNS changes can take some time to propagate across the internet, usually a few minutes to a few hours, but in rare cases, it can take up to 48 hours.

• Verification: After adding the record, you can use online DKIM lookup tools (just search for "DKIM checker") to verify that your DKIM record is correctly published and valid.

• Multiple DKIM Records: Some email services might require additional DKIM records or use different selectors. Always follow the instructions provided by your email service provider if they differ from what cPanel or Plesk generates.

• Private Key Security: Be extremely careful with your private DKIM key (which is generally managed internally by cPanel/Plesk and not directly exposed to you for DNS entry). Exposing it could lead to email impersonation. The public key is what you add to DNS.

By following these steps, you will successfully add your DKIM record, significantly improving your email deliverability and helping to prevent your emails from being flagged as spam.

To understand more about SPF & DKIM, you may refer to our article — How to Fortify your Email with SPF, DKIM, and DMARC.

7. Accessing the Backup Mailbox

Everytime your primary mail server goes down you will need to access your backup mailbox to read received mails and also to send out mails during the outage. You can either access it from the Webmail interface provided by your backup host, or setup an email client on your computer to access via POP3. Develop a habit of occasionally checking this mailbox even when the primary mail server is working.

If you are using an email client such as Outlook or Thunderbird, and like so, you can setup both primary and backup mail boxes on the same client. Thus, you would automatically check both mail boxes daily and not worry about switching. For the backup mailbox setup use the IP address instead of a fully qualified domain name (FQDN). During an outage of your primary mailbox:

• Incoming Mail: Your email client will constantly try to connect to both your primary and backup mail servers. When your primary is down, it will naturally fail to connect to mail.yourdomain.com. However, it will successfully connect to mail.yourbackuphost.com and pull down any new emails received there. You will see emails populate in the Backup inbox within your email client.

• Outgoing Mail: When you need to send an email, if your primary SMTP server is down, you will simply switch to using the Backup SMTP server configuration in your email client to send your messages.

Testing Your Backup Mailbox Setup

After completing all configuration as per above, it is essential to test your setup to ensure that the failover mechanism works as expected.

1. Normal Operation Test: Send an email to your primary email address (you@yourdomain.com) from an external email account. Verify that it arrives in your primary inbox. This confirms that your primary MX record is correctly pointing and receiving mail.

2. Failover Test (Simulated Downtime): Temporarily change the priority of your primary MX record to a higher number than that of your backup MX (e.g., change it from 10 to 30), effectively making it the lowest priority, and then making your backup MX record the highest (e.g., priority 20). Remember to revert these changes after testing. Wait for 24 hours for DNS propagation.

3. Send a few test emails to you@yourdomain.com from different external email accounts.

4. Check your backup mailbox: Log in to the webmail interface of your backup email account (or check its email client if you configured the same). You should see the test emails arriving there. This confirms that the backup mail server is successfully receiving and holding emails when the primary is down.

5. Restore Primary Server and Verify Delivery: Once the test emails are in your backup mailbox, re-enable your primary mail server or revert the MX record changes. After some time (DNS propagation time), newer emails will start getting delivered to your primary inbox.

Maintenance

While shared hosting provides an affordable solution, keep these points in mind:

1. Email Sync/Forwarding: This setup does not automatically synchronize mails between your primary and backup servers. Emails received on the backup server during an outage will stay there. Once your primary server is back online, you will need to manually move those emails from your backup inbox to your primary inbox if you want everything in one place.

2. Spam Filtering: Ensure both mail servers have adequate spam filtering.

3. Notifications : Your hosting provider might send you notifications if your primary mail server is experiencing downtime. This is the time you need to access and use your backup mail server.

4. Email Queue Behavior: Some sending mail servers may queue emails and retry your primary mail server later, delaying failover to the backup mail server. This is normal and depends on the sender’s retry policy (typically 5–30 minutes before trying the backup MX).

5. Storage Quota: Periodically check and ensure your backup mailbox has ample storage to hold emails during extended primary server downtime.

Conclusion

Setting up a backup mailbox on a shared hosting plan is a proactive and smart measure to safeguard your email communication. It is also cost-effective. By configuring a secondary email account, updating DNS records, and monitoring the setup, you can maintain seamless communication during primary mailbox outages.

Investing a little time in this setup can prevent significant headaches and potential losses in the future.

---