Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-13-2011, 06:28 PM
|
#1
|
Member
Registered: Aug 2009
Posts: 42
Rep:
|
ISP style mail server questions
We are planning on rolling out a mail service that will backend a webmail/groupware interface using postfix and dovecot, and we are trying to nail down an architecture for the system. I was hoping I could get some opinions from you good people on the different models we have come up with, and any improvements. To preface this discussion, we use NFS as the backend storage for mail so that clusters of mail servers can be created.
One possible solution is to separate three services, inbound email, outbound email, and message retrieval onto separate servers. We currently run a mail system with 65K users in this manner and it works, but there is a lot of wasted cpu on the inbound and outbound mail servers. where the dovecot servers are doing most of the work.
Another solution would be to combine the dovecot and inbound postfix servers to run dovecot as the local transport agent for postfix with LMTP, giving us quota and sieve capability.
The last solution is to run all three services on the same machine, giving us a single server image that we can clone on demand when we need to add more performance.
The single server, all three services, solution seems to be the simplest to build and manage, but putting all your eggs in one basket like that concerns us. What if there is a sudden influx of mail from our filtering platform, and it slows down all the other processes? What if the NFS server becomes disconnected from the network and the load average on each server skyrockets killing the ability for outbound mail to flow (where a separate outbound mail server would continue running despite this issue)?
Pretty much thinking out loud, so please feel free to do the same.
|
|
|
06-14-2011, 11:14 AM
|
#2
|
Senior Member
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: Fedora
Posts: 4,269
|
As far as baskets of eggs go, having 3 servers do different things doesn't improve reliability it makes it 3X worse. If any of the 3 go down, mail is down. Having two servers (1 online and 1 spare) is more reliable. Go to 2 load-balanced online and 1 spare when you start running into performance problems.
If performance is an issue, are you sure you want NAS? Have you looked at a SAN or iSCSI backend? You are more likely to be I/O-bound than CPU-bound, and CPU is cheap to solve compared to storage cost. Either way you still need some kind of clustering software if you want to allow shared access.
I didn't see a mention of backup in your specs. That needs to be part of your decision process also.
I like dovecot as a mail server, but have no opinion on using it as a transfer agent.
Its been a number of years since I last heard someone worry about wasted CPU cycles. If it really bothers you, fold some proteins or something but don't use it to make a decision.
HTH
|
|
|
06-14-2011, 04:24 PM
|
#3
|
Senior Member
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144
|
hi,
take a look at the iRedMail mail server system out of box
|
|
|
06-16-2011, 02:40 AM
|
#4
|
Member
Registered: Jan 2007
Posts: 39
Rep:
|
yeah iredmail is really great! try it easy to install you know one click install kind. but I have one important question how do I administer it? theres no way to add new users or domains and to manage stuff like out of ouffice or on vacation. please help i installed version 0.7.2 on ubuntu 10.04 desktop so i could use firefox to test the server.
thanks for your help.
|
|
|
06-16-2011, 06:55 AM
|
#5
|
Senior Member
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144
|
you have postfixadmin installed? The url / pw for accessing was sent to default email which you defined at setup. Take a good look at it (I presume you created default domain and email so the mail contains all the configuration details - https://example.yourdomain.net/postfixadmin would be URL to access it)
Last edited by lithos; 06-16-2011 at 06:57 AM.
|
|
|
06-16-2011, 12:36 PM
|
#6
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
Lithos, your posts are either in response to the wrong thread or off topic. Please keep this thread on topic.
@winairmvs, do you have supporting data to indicate that you have a resource problem? It sounds like you are trying to anticipate and solve a problem that doesn't yet exist and in exchange are potentially creating new problems.
|
|
|
06-16-2011, 06:47 PM
|
#7
|
Senior Member
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144
|
I'm sorry,
rhlnewbie
Quote:
how do I administer it? theres no way to add new users or domains and to manage stuff like out of ouffice or on vacation
|
It is sure out of OP's topic.
Sorry.
Last edited by lithos; 06-16-2011 at 07:19 PM.
|
|
|
06-16-2011, 07:38 PM
|
#8
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
No worries Lithos,
I think that reply was in response to your iRedMail comment. I have never heard of iRedMail until very recently. DO you have experience with it and would you be willing to share your thoughts on it? The OP seems to be concerned about server load and as anticipating various solutions to deal with the potential problem. Do you know if this is an area where iRedMail has an advantage?
|
|
|
06-17-2011, 05:57 AM
|
#9
|
Senior Member
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144
|
well, I'm not really of much experience in iRedMail (but they do have forum with great help) and my company needed easy manageable solution for customers emails. I must say, that it was Easy to install and configure (well, I've done it 1st run to try and then moved 2nd to production). It has support/installed out of box with Postfix and Mysql database for domains and user emails (it supports LDAP and some other things I don't know) which are 'protected' by Spamassassin and ClamAV. Domains and emails are configured through Postfixadmin and very easy manageable.
I would suggest if one can try to install it on some Virtualbox machine to try it first to see that it's really easy (with some linux knowledge). As I have no experience in configuring postfix with Spamassassin and ClamAV this was easy like a kid's candy.
Now I have a 100+ customers emails and some 30 domains hosting on the server (Xeon/ 8GB RAM/ RAID6) and it's running without a hitch.
More details I can provide if needed.
|
|
|
06-30-2011, 03:21 PM
|
#10
|
Member
Registered: Aug 2009
Posts: 42
Original Poster
Rep:
|
Sorry for leaving you hanging, I had a baby and was out of the office for a few weeks! Anyways, some background on the reason for the question seems it would be helpful for everyone involved. We currently host an email system that provides for 65,000+ customers, which is designed like option 1 where all three services are on separate clusters of servers. We accomplish this by hosting the email off NFS, and connecting clusters of inbound mail servers, pop/imap servers to the NFS, and having outbound mail on a completely separate set of servers. This is a fantastic way to run a mail system simply because it divides your risk. If the pop/imap server has a kernel panic it won't affect the inbound smtp or outbound smtp services at all since they are on different servers. Since we accept 300,000 messages, and accept 1.5 million pop/imap connections per day, our work load is incredibly dynamic and can shift from 2,000 connections per hour to 20,000. This means we need to be flexible and have more than enough resources available.
@Noway2, we do expect massive loads on this system, as we are moving a great number of the users from our old system to this solution. We also expect to productize the new system and begin selling more accounts, which is why I suggested the all three services on one box. If we were to build a system that we could simply clone (In vmware) and drop it in to add compute power. Obviously I could have a three separate mail server solution and clone those machines to add capacity, but that begins to become a management headache.
We do not want to use a pre-packaged product as it has little flexibility to integrate with our current user management systems, so that's out of the question.
Thanks for your thoughts so far.
|
|
|
07-01-2011, 05:38 AM
|
#11
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
Congratulations on your new edition.
Postfix, the MTA / SMTP server should be able to handle a hefty amount of traffic. The exact amount will depend on the CPU and memory resources it has available, of course, as this will limit the number of process daemons that can be run simultaneously. Disk access may also become a bottle neck if you have a lot of mail. I am pretty sure that there are configuration controls built into it that you can use to modulate or meter the message flow to so many per unit time.
If you are running any sort of anti virus and / or content filtering, these applications will be what really consume you resources because they need to scan the entire message and run processing algorithms on the content. If this becomes your bottleneck, as was suggested in a similar thread, you might want to spit the SMTP (Postfix)+Virus scanning from the Delivery (Dovecot) + Content filtering, with a two server approach.
In my mind, with a large number of customers, I would be more concerned about redundancy in operation that paralleled operation for throughput. If you think about it, it doesn't really matter if all the messages make it out in one second or one hour. There is a good chance that they will get queued up somewhere else and then there will be a delay in reading them. Consequently, super fast sending won't be noticed. However, if part of the system breaks, either send or receive, this will be noticed. To that end, Postfix, at least though I haven't looked at Dovecot, naturally support backup processing.
Using an NFS to me is a double edged sword with both advantages and disadvantages. On the advantages, it is available to multiple servers simultaneously and would help facilitate a redundant or parallel implementation. On the other hand, it another critical resources to break, or lose connection to, etc. The more pieces you have in in the "critical path" the lower the overall reliability.
If you want to offer multiple scales of solution, a virtual host based system would be a good way to go in my mind. This will isolate you from differences in hardware and let you develop AND TEST on a particular software platform that you know works. You could then have template configuration files, which is really the part that will change, that facilitate the partitioning of the services.
Those are my thoughts on the system as a whole, for what it is worth. I would be happy to discuss any part of it in more detail if you like.
|
|
|
All times are GMT -5. The time now is 10:12 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|