[Dovecot] HA Mailbox Design
Stan Hoeppner
stan at hardwarefreak.com
Fri Aug 10 04:47:50 EEST 2012
On 8/9/2012 9:58 AM, Nikolaos Milas wrote:
> Hi,
>
> We would like to implement a Highly Available Mail Server and would like
> to ask advice on how to architect this.
>
> Some details on our setup:
>
> Currently we have only one internal mail server (Postfix/Dovecot 2.0 -
> planning to move to 2.1), receiving mail from a gateway server
> (filtering spam/viruses) - a Cisco Ironport - which we are considering
> to replace with one (or a set of) cloud-based
> Postfix/Amavis-new/SpamAssassin/ClamAV VMs (currently in testing mode).
First, please don't use the term "cloud". That's a marketing buzzword
that variously covers many actual network computing architectures. This
is a technical mailing list. We use technical terms here, and precise
detail of the architecture matters greatly, buzzwords are irrelevant.
> Delivery uses Dovecot LDA. User accounts are LDAP-based.
> We use Maildir and the load is low (aside spam). Only about 250
> users/mailboxes (4G each). All servers are CentOS 5.8 (planning move to
> 6.3) KVM VMs (on a cloud where we don't have control on the host, but on
> highly reliable hardware/networks).
If you don't control the host you don't control the storage (disks),
thus making a traditional "HA" mail server system difficult. You state
the "cloud" infrastructure is highly reliable. That begs the question,
what is your definition of a "Highly Available Mail Server"? What is it
that you actually want to accomplish? In some detail please. Do you
mean "POP/IMAP service is always available to clients even when
something fails"?
> We can have VMs on two different clouds and we also have at least two
> different connections (routes) to the cloud(s) (to support HA).
Again, please stop talking about "clouds". None of what you just stated
above means anything without actual architectural details. When
designing/implementing an HA setup, details are absolutely critical,
required to make it work. Details, details, details. Also, you've
mentioned absolutely nothing about storage. Storage is the pivot pin in
an HA setup, the central consideration. HA is built around the storage
architecture, not around applications and servers (hosts or VMs).
> Any directions will be appreciated. Hoping to design an HA architecture
> but aiming to keep it simple and (as much as possible) easily
> maintainable one.
HA architectures are never simple. That's the nature of the beast. And
they're typically not cheap to implement as they absolutely require
fault tolerant shared storage of one kind or another, either a disk
array with dual active/active controllers and PSUs with a cluster
filesystem on Dovecot nodes, or storage appliance that offers full
redundancy and NFS protocol for Dovecot node access. This prevents
single point of failure, which is what HA is all about.
To be quite frank, based upon the level of technical acumen you've
demonstrated here, and the general financial position Greece finds
itself in, and the fact you're a public institution, it seems you're a
much better candidate for a Gmail hosted infrastructure than a VPS
infrastructure with some manner of ad hoc software only HA measures
bolted on, which is all you can do with VPS servers--you don't control
the storage.
Gmail hosted mail instantly gives you a high availability email
infrastructure for "free". Cost is negligible for your number of
mailboxes. Antispam and all the standard stuff is built in and fairly
decent. You get both POP and IMAP connectivity options, allowing access
with desktop/mobile MUAs. If you prefer a different web interface you
can setup a Horde or Roundcube VM at your "cloud" provider and access
the Gmail accounts.
You'll have less "control" of the system, but it will save far more
money than a VPS "cloud" solution, be far easier to administer, and the
setup can be done in a day, with almost zero administration required
afterward. If you have many users with personal Gmail accounts they'll
take to it like a duck to water.
If you're looking for a "cloud" based HA email infrastructure at very
low cost, you simply can't beat hosted Gmail. Or Google Apps, whatever
they call it these days. The downside is it may eliminate your job if
you're strictly a dedicated email system administrator.
--
Stan
More information about the dovecot
mailing list