[Dovecot] HA Mailbox Design

Sat Aug 11 16:02:39 EEST 2012

On 10/8/2012 4:47 πμ, Stan Hoeppner wrote:

> That begs the question,
> what is your definition of a "Highly Available Mail Server"?  What is it
> that you actually want to accomplish?  In some detail please.

OK, I'll make it as much as possible accurate.

Let's skip all the network stuff and see a particular scenario (as we 
have drafted it).

We have an incoming gateway server (gw.example.com) accepting mail and 
filtering viruses/spam. Then it relays all (clean) mail to 
mail1.example.com, which uses Postfix/Dovecot (2.0 or 2.1) and provides 
Maildir mailboxes (POP/IMAP) to users.

Now, let us assume we are deploying another server, mail2.example.com 
(also Postfix/Dovecot), which we want to function as follows:

1. Under normal conditions, mail2.example.com is a full mirror of 
mail1.example.com; when any mail message is added/viewed/moved/removed 
etc. to any user's folder or any folder is added/viewed/moved/removed 
etc. at mail1.example.com, we want it to be automatically and directly 
(in real time) added/viewed/moved/removed etc. to mail2.example.com too. 
In other words, we need continuous, real-time sync.

2. If mail1.example.com for some reason is unavailable, then we will be 
able to manually redirect relaying (of incoming messages) to 
mail2.example.com. Then, users will be able to use mail2.example.com to 
access their mail. Now, when mail1.example.com becomes available again, 
we want to:
a. inform users (by sending them a mail on mail2.example.com) that 
mail1.example.com is available again,
b. stop relaying to mail2.example.com
c. sync once mailboxes on mail1.example.com to mail2.example.com 
(because mail2.example.com is now more current)
d. redirect relaying to mail1.example.com
e. switch to normal operation (see §1 above)

Can I do this and how?

I would call this pseudo-HA, since users have to switch servers in case 
of failures. To use the above as "true" HA (as I view it), there could 
be a mail.example.com functioning as a proxy and automatically 
redirecting users to mail1 or mail2, depending on admins' choice. Can I 
do this too? (How?)

[Google mail is not an option, we don't want external hosting. We can 
have as many high-performance, highly-reliable VMs as we want for free 
on our ISP's network - it's a service to the Greek educational/research 
community. They use two different specialized high-end enterprise-grade 
dedicated virtualization clusters of host hardware (which I -not being 
very accurate- called clouds) on their networks, each of which uses 
dedicated high-end enterprise-grade SAN-based storage. Practically we 
have never had VM outages due to hardware failures, only due to software 
(rarely) or network (mainly) ones. mail1.example.com would be deployed 
on the main virtualization cluster and mail2.example.com would be on the 
the other cluster. KVM is used as host virtualization software.]

Alternative suggestions on design approaches would be welcome.

Thanks and regards,
Nick