On 8/9/2012 9:58 AM, Nikolaos Milas wrote:
Hi,
We would like to implement a Highly Available Mail Server and would like to ask advice on how to architect this.
Some details on our setup:
Currently we have only one internal mail server (Postfix/Dovecot 2.0 - planning to move to 2.1), receiving mail from a gateway server (filtering spam/viruses) - a Cisco Ironport - which we are considering to replace with one (or a set of) cloud-based Postfix/Amavis-new/SpamAssassin/ClamAV VMs (currently in testing mode).
First, please don't use the term "cloud". That's a marketing buzzword that variously covers many actual network computing architectures. This is a technical mailing list. We use technical terms here, and precise detail of the architecture matters greatly, buzzwords are irrelevant.
Delivery uses Dovecot LDA. User accounts are LDAP-based. We use Maildir and the load is low (aside spam). Only about 250 users/mailboxes (4G each). All servers are CentOS 5.8 (planning move to 6.3) KVM VMs (on a cloud where we don't have control on the host, but on highly reliable hardware/networks).
If you don't control the host you don't control the storage (disks), thus making a traditional "HA" mail server system difficult. You state the "cloud" infrastructure is highly reliable. That begs the question, what is your definition of a "Highly Available Mail Server"? What is it that you actually want to accomplish? In some detail please. Do you mean "POP/IMAP service is always available to clients even when something fails"?
We can have VMs on two different clouds and we also have at least two different connections (routes) to the cloud(s) (to support HA).
Again, please stop talking about "clouds". None of what you just stated above means anything without actual architectural details. When designing/implementing an HA setup, details are absolutely critical, required to make it work. Details, details, details. Also, you've mentioned absolutely nothing about storage. Storage is the pivot pin in an HA setup, the central consideration. HA is built around the storage architecture, not around applications and servers (hosts or VMs).
Any directions will be appreciated. Hoping to design an HA architecture but aiming to keep it simple and (as much as possible) easily maintainable one.
HA architectures are never simple. That's the nature of the beast. And they're typically not cheap to implement as they absolutely require fault tolerant shared storage of one kind or another, either a disk array with dual active/active controllers and PSUs with a cluster filesystem on Dovecot nodes, or storage appliance that offers full redundancy and NFS protocol for Dovecot node access. This prevents single point of failure, which is what HA is all about.
To be quite frank, based upon the level of technical acumen you've demonstrated here, and the general financial position Greece finds itself in, and the fact you're a public institution, it seems you're a much better candidate for a Gmail hosted infrastructure than a VPS infrastructure with some manner of ad hoc software only HA measures bolted on, which is all you can do with VPS servers--you don't control the storage.
Gmail hosted mail instantly gives you a high availability email infrastructure for "free". Cost is negligible for your number of mailboxes. Antispam and all the standard stuff is built in and fairly decent. You get both POP and IMAP connectivity options, allowing access with desktop/mobile MUAs. If you prefer a different web interface you can setup a Horde or Roundcube VM at your "cloud" provider and access the Gmail accounts.
You'll have less "control" of the system, but it will save far more money than a VPS "cloud" solution, be far easier to administer, and the setup can be done in a day, with almost zero administration required afterward. If you have many users with personal Gmail accounts they'll take to it like a duck to water.
If you're looking for a "cloud" based HA email infrastructure at very low cost, you simply can't beat hosted Gmail. Or Google Apps, whatever they call it these days. The downside is it may eliminate your job if you're strictly a dedicated email system administrator.
-- Stan