[Dovecot] replication howto

Matteo Cazzador mcazzador at gmail.com
Mon Mar 19 12:50:39 EET 2012


Hi, i've a simple question, what do you mean for dovecot director setup?
'i've a doubt.
The solution that i'm testing is using 3 mail server in different
geoghrapic locations.
An user can travel in varius location, and i want his imap mail reside
on mail server in every locations.
Sò i use you solution about replication. First server  (by dns record)
that  receive mail sync it on the other servers, and when
user consult is mail by imap protocol everything is sync on all servers.
Do you suggest to use a horizontal structure for it like i explain or
is better to have a single node external mail server
and customer locations server like slave?
Thank's


Il 19 marzo 2012 09:35, Michael Grimm <trashcan at odo.in-berlin.de> ha scritto:
> Hi --
>
>
> On 15.03.2012 22:05, Timo Sirainen wrote:
>>
>> On 15.3.2012, at 22.48, Michael Grimm wrote:
>
>
>>> Actually it's a bad idea to use root for ssh from a security point
>>> of view. A hacked root account isn't fun. Thus, normally one needs
>>> to explicitly change the config of the sshd daemon to allow root
>>> logins (at least with FreeBSD what I'm using). Thus, I do recommend
>>> to use an unprivileged user like vmail.
>>
>>
>> Then again it's safer to use system user accounts than a single vmail
>> account that has access to everyone's emails.
>
>
> Root has access to everyone's mail as well.
>
>
>> And if you allow ssh login only with public key authentication I
>> don't think there are much security issues. And finally, it would
>> be possible to write a small wrapper that allows the root's public
>> key auth to only execute dsync-user.sh script that can't do anything
>> except sync a specified user's mails.
>
>
> All those safety measures can be applied for the vmail user as well.
> Actually, that's what I did in my case, plus allowing ssh only between
> both mail servers (firewall rule).
>
> Regards,
> Michael
>



-- 
Rispetta l'ambiente: se non ti è necessario, non stampare questa mail.
******************************************
Ing. Matteo Cazzador
Email: mcazzador at gmail.com
******************************************


More information about the dovecot mailing list