Il 01/10/2010 18:55, Ed W ha scritto:
On 01/10/2010 17:23, Timo Sirainen wrote:
I'm quite possibly missing the point, but you might restructure your application to have:
- one mysql db (replicated if necessary for robustness) with ALL customer data in it
- pool of postfix servers which auth to the remote db (they can be persuaded to cache auth results if you wish)
You are completely right, I simply don't like the idea to have one single big db with user data and all troubles that can happen (performance, replication configuration, data corruption...)
Could have completely missed the point, but this way you get a shared pool of frontend machines (so might as well spam/av block on them), which then use a transport map to get the mail internally to the correct mailbox server. You can obviously also use a similar sql query to ask Dovecot frontend servers to proxy connections to the correct backend server...
I already have a pool of frontend server (MX) that do AV/Spam filtering and a transport map to the internal machine, but I don't do any query, I verify the existence of the recipient via recipient address verification before queue with Postfix.
I think - for now - I will try authentication with multiple database with Dovecot, by now I only have 4 internal servers with MySQL, so performance I hope will not be a problem considering that Dovecot cache the results.
I can also implement a procedure that periodically extract only user/password from the internal DB and export them to the smtp auth db servers, but it's not in real time and may be I'll encounter some locking/performance problem during export/import.