[Dovecot] Dovecot for production environment
Sorry if this question has been asked before I looked through some of the archives before posting this.
I am considering using dovecot on a small 35 user environment (only around 6 gigs of email) that will be primarly be used with squirrelmail for the MUA. I have been using dovecot for a few weeks now and really like it. It is a big improvement over uw-imap thats for sure. I was wondering how many people in this mailing list are using dovecot for a production email server, and why you chose to use dovecot over cyrus or courier. Or maybe someone feels that dovecot isnt ready for this type of thing just yet. I am all ears so please feel free.
Thanks
Avery
-- Avery Day
We just started using it on a system with more than 50,000 users and it works quite nicely. Migrating from uw-imap to dovecot caused a few problems with some user's mail clients, like Mozilla mail based clients issued command that cuased the server to respond with "Invalid mask", and Eudora's SASL AUTH doesn't seem to work with the pop server, but other than that it seems to work great.
Any word when we are going to see 1.0 =)
Avery Day wrote:
Sorry if this question has been asked before I looked through some of the archives before posting this.
I am considering using dovecot on a small 35 user environment (only around 6 gigs of email) that will be primarly be used with squirrelmail for the MUA. I have been using dovecot for a few weeks now and really like it. It is a big improvement over uw-imap thats for sure. I was wondering how many people in this mailing list are using dovecot for a production email server, and why you chose to use dovecot over cyrus or courier. Or maybe someone feels that dovecot isnt ready for this type of thing just yet. I am all ears so please feel free.
Thanks
-- James L Moser james@powweb.com PowWeb Hosting http://www.powweb.com
/(bb|[^b]{2})/, that is the Question.
mysql>SELECT * FROM user WHERE clue > 0; Empty set (0.03 sec)
Health is merely the slowest possible rate at which one can die... Health nuts are going to feel stupid someday, lying in hospitals dying of nothing...
On Thu, 2004-04-08 at 17:26, James Moser wrote:
We just started using it on a system with more than 50,000 users and it works quite nicely. Migrating from uw-imap to dovecot caused a few problems with some user's mail clients, like Mozilla mail based clients issued command that cuased the server to respond with "Invalid mask", and Eudora's SASL AUTH doesn't seem to work with the pop server, but other than that it seems to work great.
Just b/c I'm curious (and if you want take this offlist is fine) what's your setup look like for this system? Do you have a whitepaper or a layout for it?
Thanks, -sv
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
seth vidal wrote: | On Thu, 2004-04-08 at 17:26, James Moser wrote: | |>We just started using it on a system with more than 50,000 users and it |>works quite nicely. Migrating from uw-imap to dovecot caused a few |>problems with some user's mail clients, like Mozilla mail based clients |>issued command that cuased the server to respond with "Invalid mask", |>and Eudora's SASL AUTH doesn't seem to work with the pop server, but |>other than that it seems to work great. |> | | | Just b/c I'm curious (and if you want take this offlist is fine) what's | your setup look like for this system? Do you have a whitepaper or a | layout for it?
Please use the list.
Also, I am interested in the migration process. If you used scripts (like switch from mbox to Maildir) then which one(s), and did you do some finetuning to them? Did you use the "move to mbox" feature of uw-imap, and if you did how did you handle that when you switched?
Any tricks and experiences are much appreciated.
~ - Jonas
- Jonas Smedegaard - idealist og Internet-arkitekt
- Tlf.: +45 40843136 Website: http://dr.jones.dk/
~ - Enden er nær: http://www.shibumi.org/eoti.htm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFAdciKn7DbMsAkQLgRAiupAJ9KmysGJhhEdtiQO0CXrDFVbtNC4gCePCF7 8QttYJL6hAmJtaM2uxHN5W0= =bHsg -----END PGP SIGNATURE-----
I didn't convert any mail files... I did copy the .mailboxlist to .subscriptions since dovecot uses a different filename than uw-imap, and I edited the C code so that the pop server wouldn't adervtise it supported SASL PLAIN to make Eudora users happy. For some users, deleting their account settings and resetting them up took care of the Invalid mask problem. I had that problem with Mozilla mail, and two other people had the problem with Mozilla Thunderbird. If it becomes a big enough problem its easy enough to comment out one line of code in dovecot so it won't reply with this error message.
Thats it... overall the migration was pretty easy..
Jonas Smedegaard wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
seth vidal wrote: | On Thu, 2004-04-08 at 17:26, James Moser wrote: | |>We just started using it on a system with more than 50,000 users and it |>works quite nicely. Migrating from uw-imap to dovecot caused a few |>problems with some user's mail clients, like Mozilla mail based clients |>issued command that cuased the server to respond with "Invalid mask", |>and Eudora's SASL AUTH doesn't seem to work with the pop server, but |>other than that it seems to work great. |> | | | Just b/c I'm curious (and if you want take this offlist is fine) what's | your setup look like for this system? Do you have a whitepaper or a | layout for it?
Please use the list.
Also, I am interested in the migration process. If you used scripts (like switch from mbox to Maildir) then which one(s), and did you do some finetuning to them? Did you use the "move to mbox" feature of uw-imap, and if you did how did you handle that when you switched?
Any tricks and experiences are much appreciated.
~ - Jonas
- Jonas Smedegaard - idealist og Internet-arkitekt
- Tlf.: +45 40843136 Website: http://dr.jones.dk/
~ - Enden er nær: http://www.shibumi.org/eoti.htm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFAdciKn7DbMsAkQLgRAiupAJ9KmysGJhhEdtiQO0CXrDFVbtNC4gCePCF7 8QttYJL6hAmJtaM2uxHN5W0= =bHsg -----END PGP SIGNATURE----
-- James L Moser james@powweb.com PowWeb Hosting http://www.powweb.com
/(bb|[^b]{2})/, that is the Question.
mysql>SELECT * FROM user WHERE clue > 0; Empty set (0.03 sec)
Health is merely the slowest possible rate at which one can die... Health nuts are going to feel stupid someday, lying in hospitals dying of nothing...
Jonas Smedegaard wrote:
Also, I am interested in the migration process. If you used scripts (like switch from mbox to Maildir) then which one(s), and did you do some finetuning to them? Did you use the "move to mbox" feature of uw-imap, and if you did how did you handle that when you switched?
Feel free to search the archives - I recently did a mbox to Maildir conversion, and posted the scripts I used to accomplish this. It worked well in my environment - and was able to traverse a few levels down for uses who had sub-folders.
-Rick
Rick Johnson, RHCE #807302311706007 - rjohnson@medata.com Linux/Network Administrator - Medata, Inc. PGP Public Key: https://mail.medata.com/pgp/rjohnson.asc
<quote who="Rick Johnson"> > Jonas Smedegaard wrote: >> Also, I am interested in the migration process. If you used scripts >> (like switch from mbox to Maildir) then which one(s), and did you do >> some finetuning to them? Did you use the "move to mbox" feature of >> uw-imap, and if you did how did you handle that when you switched? > > Feel free to search the archives - I recently did a mbox to Maildir > conversion, and posted the scripts I used to accomplish this. It worked > well in my environment - and was able to traverse a few levels down for > uses who had sub-folders. > > -Rick > -- > Rick Johnson, RHCE #807302311706007 - rjohnson@medata.com > Linux/Network Administrator - Medata, Inc. > PGP Public Key: https://mail.medata.com/pgp/rjohnson.asc > > I just migrated my email system at home from mbox to maildir using mb2md.pl http://batleth.sapienti-sat.org/projects/mb2md/ it was as easy as mb2md-3.20.pl -R -s ~/mail -d ~/Maildir This is a really cool tool. It was also the best one around that I could find.
-- Avery Day
I'll tell ya anything you wanna know... I'm using FreeBSD 4.9, here is my how I currently configuered it (didn't use the ports)..
./configure --without-shadow --without-pam --without-passwd-file
--without-static-userdb --disable-ipv6 --localstatedir=/var
--with-ssl=openssl --with-ssldir=/var/dovecot/ssl --with-pop3d
--with-storages=mbox
I had the default configure options working too, I just wanted to remove everything I didn't need to increase performance, maybe it doesn't matter... I didn't see much of a change.
We are currently using mbox, and hopefully someday will be converting to maildir, but one step at a time... this is actually one of the reasons I choose to try dovecot.
My dovecot.conf configuration is attached... mostly defaults with some exceptions.... if anyone has some recommendations that'd be great... I have all caching turned off for Imap for other reasons, but it might work fine for you.
seth vidal wrote:
On Thu, 2004-04-08 at 17:26, James Moser wrote:
We just started using it on a system with more than 50,000 users and it works quite nicely. Migrating from uw-imap to dovecot caused a few problems with some user's mail clients, like Mozilla mail based clients issued command that cuased the server to respond with "Invalid mask", and Eudora's SASL AUTH doesn't seem to work with the pop server, but other than that it seems to work great.
Just b/c I'm curious (and if you want take this offlist is fine) what's your setup look like for this system? Do you have a whitepaper or a layout for it?
Thanks, -sv
-- James L Moser james@powweb.com PowWeb Hosting http://www.powweb.com
/(bb|[^b]{2})/, that is the Question.
mysql>SELECT * FROM user WHERE clue > 0; Empty set (0.03 sec)
Health is merely the slowest possible rate at which one can die... Health nuts are going to feel stupid someday, lying in hospitals dying of nothing...
base_dir = /var/dovecot/ protocols = imap imaps pop3 pop3s
imaps_listen = * pop3s_listen = *
ssl_cert_file = /var/dovecot/ssl/certs/imapd.pem ssl_key_file = /var/dovecot/ssl/private/imapd.pem ssl_parameters_file = /var/dovecot/ssl/parameters.dat login_dir = /var/dovecot/login login_chroot = yes
login = imap login_executable = /usr/local/libexec/dovecot/imap-login login_user = dovecot login_process_size = 0 login_process_per_connection = no login_processes_count = 1
login = pop3 login_executable = /usr/local/libexec/dovecot/pop3-login verbose_proctitle = yes verbose_ssl = yes
first_valid_uid = 500 first_valid_gid = 500 valid_chroot_dirs = /var/mail default_mail_env = mbox:%h:INBOX=/var/mail/%u mail_cache_fields = mail_never_cache_fields = MessagePart Bodystructure Body Envelope client_workarounds = oe6-fetch-no-newmail outlook-idle mailbox_check_interval = 0 mailbox_idle_check_interval = 0 mail_full_filesystem_access = no
# Save mails with CR+LF instead of plain LF. This makes sending those mails # take less CPU, especially with sendfile() syscall with Linux and FreeBSD. # But it also creates a bit more disk I/O which may just make it slower. mail_save_crlf = yes
maildir_copy_with_hardlinks = yes maildir_check_content_changes = no mbox_locks = fcntl
imap_executable = /usr/local/libexec/dovecot/imap pop3_executable = /usr/local/libexec/dovecot/pop3
auth = default auth_mechanisms = plain
auth_userdb = passwd auth_passdb = passwd
auth_executable = /usr/local/libexec/dovecot/dovecot-auth auth_user = root auth_count = 5 auth_verbose = yes
On Thu, 2004-04-08 at 14:57 -0700, James Moser wrote:
I'll tell ya anything you wanna know... I'm using FreeBSD 4.9, here is my how I currently configuered it (didn't use the ports)..
I'm actually curious about:
- how many systems?
- how many concurrent users?
- what type of hw is this on?
- what type of mail volume do you have to deal with?
Thanks for all the info - the central powers at duke that be just went through a fairly massive mail system migration and I'm just curious about other systems of similar scale 50K users is similar scale.
Thanks -sv
That was 50,221 users on one dual processor (PIII 3.02Ghz Xeon) dell 2650 with 4gigs of ram. I'm not sure about concurrent users, but we have as many as 10 to 15 authenticated connections per second.
mail01# tail -f /var/log/maillog |grep Login Apr 8 22:07:57 mail01 pop3-login: Login: tinamc [66.74.103.232] Apr 8 22:07:57 mail01 pop3-login: Login: rsqm [66.130.185.91] Apr 8 22:07:57 mail01 pop3-login: Login: jbenalluch [69.140.148.204] Apr 8 22:07:57 mail01 pop3-login: Login: mrjensen [24.0.200.132] Apr 8 22:07:57 mail01 pop3-login: Login: papabear3 [67.38.17.200] Apr 8 22:07:57 mail01 pop3-login: Login: guetta [68.161.98.196] Apr 8 22:07:57 mail01 pop3-login: Login: 10807.postma [24.20.89.23] Apr 8 22:07:58 mail01 pop3-login: Login: ddove [12.202.143.197] Apr 8 22:07:58 mail01 pop3-login: Login: 12061.sarah [66.214.64.87] Apr 8 22:07:58 mail01 pop3-login: Login: lmcooper [148.64.10.179] Apr 8 22:07:58 mail01 pop3-login: Login: k2kast [68.232.127.204] Apr 8 22:07:58 mail01 pop3-login: Login: 4835.uspromo [68.224.241.105] Apr 8 22:07:58 mail01 pop3-login: Login: hnconner [209.17.161.60] Apr 8 22:07:58 mail01 pop3-login: Login: kbechtel [216.153.176.93] Apr 8 22:07:58 mail01 pop3-login: Login: jolthoff [12.219.166.42] Apr 8 22:07:58 mail01 pop3-login: Login: beta [64.203.14.99] Apr 8 22:07:58 mail01 pop3-login: Login: 14185.joe [141.158.63.80] Apr 8 22:07:58 mail01 pop3-login: Login: threebearsjunc [67.38.17.200] Apr 8 22:07:58 mail01 pop3-login: Login: valcarcel [24.184.87.216] Apr 8 22:07:58 mail01 pop3-login: Login: eintec [24.184.87.216] Apr 8 22:07:59 mail01 pop3-login: Login: wardbaxter [24.20.97.47] Apr 8 22:07:59 mail01 imap-login: Login: orangeweb [66.152.97.131] Apr 8 22:07:59 mail01 pop3-login: Login: wlmeyer [69.165.47.173] Apr 8 22:07:59 mail01 pop3-login: Login: 654.amanda [4.242.102.192] Apr 8 22:07:59 mail01 pop3-login: Login: rca_email [66.38.89.33] Apr 8 22:07:59 mail01 pop3-login: Login: christy2 [66.75.155.254] Apr 8 22:08:00 mail01 pop3-login: Login: drolthoff [12.219.166.42] Apr 8 22:08:00 mail01 pop3-login: Login: grant2720 [68.56.3.132] Apr 8 22:08:00 mail01 pop3-login: Login: jbenalluch [69.140.148.204] Apr 8 22:08:00 mail01 pop3-login: Login: joyce465321 [66.82.195.158]
This mail server hosted just over 12,000 virtual domains.... handles thoasands of messages per hour. postfix is running on the same system. Its running beautifully too... I've converted over three more systems with almost identical environments...
seth vidal wrote:
On Thu, 2004-04-08 at 14:57 -0700, James Moser wrote:
I'll tell ya anything you wanna know... I'm using FreeBSD 4.9, here is my how I currently configuered it (didn't use the ports)..
I'm actually curious about:
- how many systems?
- how many concurrent users?
- what type of hw is this on?
- what type of mail volume do you have to deal with?
Thanks for all the info - the central powers at duke that be just went through a fairly massive mail system migration and I'm just curious about other systems of similar scale 50K users is similar scale.
Thanks -sv
-- James L Moser james@powweb.com PowWeb Hosting http://www.powweb.com
/(bb|[^b]{2})/, that is the Question.
mysql>SELECT * FROM user WHERE clue > 0; Empty set (0.03 sec)
Health is merely the slowest possible rate at which one can die... Health nuts are going to feel stupid someday, lying in hospitals dying of nothing...
mail01# tail -f /var/log/maillog |grep Login Apr 8 22:07:57 mail01 pop3-login: Login: tinamc [66.74.103.232] Apr 8 22:07:57 mail01 pop3-login: Login: rsqm [66.130.185.91]
...
This mail server hosted just over 12,000 virtual domains.... handles thoasands of messages per hour. postfix is running on the same system. Its running beautifully too... I've converted over three more systems with almost identical environments...
Ours isn't quite that busy, but yesterday's log:
25# gzcat maillog.0 | grep Login | wc 174342 1569078 13933340
That would be about 7200/hour averaged over the 24 hour day.
That's on a server using Maildir. We have another using mbox, with the same dovecot codebase. It's not as active, but still, I haven't seen any corrupted mbox problems.
mm
I am very impressed as well by dovecot... But the only feature missing is Softquota Maildir++ support.
I had in the idea to add a plugin for dovecot, using Laurent Wacrenier mdq library, but the example on dovecot's website doesn't ever seems to works.
You can find this library there : http://pll.sourceforge.net/man.mdq.html / http://pll.sourceforge.net/ .
How do people in production environment works with quota ? Especialy softquota, since for my point of vue system quota can't deal with my own systems....
/Xavier
On Apr 10, 2004, at 5:51 AM, Xavier Beaudouin wrote:
How do people in production environment works with quota ? Especialy softquota, since for my point of vue system quota can't deal with my own systems....
We just use the system quota and warnquota to email the users when they go over soft quota. We use a 7 day grace period so they get plenty of time and warning via email. We then use a cgi script to allow users to check their quota via the web, and we display it on the active desktop of the public lab machines when then user logs in.
-jared
I am running it in a production environment with about 500 users. I wasn't particularly excited about running pre 1.0 pop3 imap server software but it had all the features I was after.
I was looking for:
- LDAP authentication
- POP3, POP3S, IMAP, IMAPS
- mbox support (simultaneous support for maildir is also nice since we'll hopefully migrate sometime soon.)
- easy but powerful configuration
- a nice responsive developer and support community
- uw-imap compatibility (that's what we were running before)
- written with security in mind
- good documentation
- open source and Free
It's also nicely packaged for debian by the nice folks at braincells.com.
I've been mostly happy. Some things still feel a little fragile.
We've had corrupted mboxes a few times, but I haven't had time to
figure what is at fault. I suppose certain pop clients could be the
problem. The LDAP authentication doesn't seem to work well with
stunnel. Other than these few small blips, it's been running flawlessly
for over 8 months.
One other concern which worries me a little, is that the primary developer Timo seems to have gotten busy or uninterested recently. He was clearly going above and beyond by responding to every question within minutes, but looking at the archives recently he is posting a lot less. I just hope he's busy and not burned out because his work on dovecot is amazing.
-jared
On Apr 8, 2004, at 5:04 PM, Avery Day wrote:
Sorry if this question has been asked before I looked through some of the archives before posting this.
I am considering using dovecot on a small 35 user environment (only around 6 gigs of email) that will be primarly be used with squirrelmail for the MUA. I have been using dovecot for a few weeks now and really like it. It is a big improvement over uw-imap thats for sure. I was wondering how many people in this mailing list are using dovecot for a production email server, and why you chose to use dovecot over cyrus or courier. Or maybe someone feels that dovecot isnt ready for this type of thing just yet. I am all ears so please feel free.
Thanks
Avery
-- Avery Day
I was looking for:
- LDAP authentication
- POP3, POP3S, IMAP, IMAPS
- mbox support (simultaneous support for maildir is also nice since we'll hopefully migrate sometime soon.)
- easy but powerful configuration
- a nice responsive developer and support community
- uw-imap compatibility (that's what we were running before)
- written with security in mind
- good documentation
- open source and Free
We're using it here on two mailservers and I echo the above comments.
One other concern which worries me a little, is that the primary developer Timo seems to have gotten busy or uninterested recently. He was clearly going above and beyond by responding to every question within minutes, but looking at the archives recently he is posting a lot less. I just hope he's busy and not burned out because his work on dovecot is amazing.
He probably is busy but I kinda have the opposite perspective. Seems to me he got it into a shape where it was working quite well before going off and doing a lot of violence to the code for the next iteration. It's nice to have progress but stable checkpoints are good too. I dunno, can't have everything I guess :-)
If there were some real show-stoppers in what we're running now I'd probably have a different opinion.
mm
Jared wrote:
One other concern which worries me a little, is that the primary developer Timo seems to have gotten busy or uninterested recently. He was clearly going above and beyond by responding to every question within minutes, but looking at the archives recently he is posting a lot less. I just hope he's busy and not burned out because his work on dovecot is amazing.
Timo posted recently and said:
Sorry about the lack of replies to questions in this list. Work on the new indexing code has taken way too long, but it's finally beginning to be get near usable state. After it's fully working, I'll start being more active here again.
So I hope that he will be increasingly active on the list again, but there's little point in second guessing the reasons for his absence.
I also am increadably impressed with Dovecot so far, and would like to use it in larger installations once its small outstanding problems are fixed and it reaches 1.0.
Andrew
Jared wrote:
- mbox support (simultaneous support for maildir is also nice since we'll hopefully migrate sometime soon.)
Wow, it keeps getting better and better... is this possible (simultaneous support)? If so how exactly? It would probably make a future migration easier.
-- James L Moser james@powweb.com PowWeb Hosting http://www.powweb.com
/(bb|[^b]{2})/, that is the Question.
mysql>SELECT * FROM user WHERE clue > 0; Empty set (0.03 sec)
Health is merely the slowest possible rate at which one can die... Health nuts are going to feel stupid someday, lying in hospitals dying of nothing...
<quote who="Jared"> > I am running it in a production environment with about 500 users. I > wasn't particularly excited about running pre 1.0 pop3 imap server > software but it had all the features I was after. > > I was looking for: > > - LDAP authentication > - POP3, POP3S, IMAP, IMAPS > - mbox support (simultaneous support for maildir is also nice since > we'll hopefully migrate sometime soon.) > - easy but powerful configuration > - a nice responsive developer and support community > - uw-imap compatibility (that's what we were running before) > - written with security in mind > - good documentation > - open source and Free > > It's also nicely packaged for debian by the nice folks at > braincells.com. > > I've been mostly happy. Some things still feel a little fragile. > We've had corrupted mboxes a few times, but I haven't had time to > figure what is at fault. I suppose certain pop clients could be the > problem. The LDAP authentication doesn't seem to work well with > stunnel. Other than these few small blips, it's been running flawlessly > for over 8 months. > > One other concern which worries me a little, is that the primary > developer Timo seems to have gotten busy or uninterested recently. He > was clearly going above and beyond by responding to every question > within minutes, but looking at the archives recently he is posting a > lot less. I just hope he's busy and not burned out because his work on > dovecot is amazing. > > -jared > > > On Apr 8, 2004, at 5:04 PM, Avery Day wrote: > >> >> Sorry if this question has been asked before I looked through some of >> the >> archives before posting this. >> >> I am considering using dovecot on a small 35 user environment (only >> around >> 6 gigs of email) that will be primarly be used with squirrelmail for >> the >> MUA. I have been using dovecot for a few weeks now and really like it. >> It >> is a big improvement over uw-imap thats for sure. I was wondering how >> many >> people in this mailing list are using dovecot for a production email >> server, and why you chose to use dovecot over cyrus or courier. Or >> maybe >> someone feels that dovecot isnt ready for this type of thing just yet. >> I >> am all ears so please feel free. >> >> Thanks >> -- >> Avery >> >> >> >> -- >> Avery Day >> > >
quote:
corrupted mboxes
Well thats not cool at all. I have been dealing with corrupt mailboxes for the last year on our exchange server. Infact I will be migrating the entire email system from exchange server to a postfix+dovecot+spamassassin+procmail+mailfilter setup hopefully in the next month or two. But hearing about corrupt mailboxes sends shivers up my spine. Infact I didn't think it was possible to have corruption or at least next to impossible with a unix type mailbox systems.
-- Avery Day
On Thursday 08 April 2004 05:21 pm, Avery Day wrote:
Well thats not cool at all. I have been dealing with corrupt mailboxes for the last year on our exchange server. Infact I will be migrating the entire email system from exchange server to a postfix+dovecot+spamassassin+procmail+mailfilter setup hopefully in the next month or two. But hearing about corrupt mailboxes sends shivers up my spine. Infact I didn't think it was possible to have corruption or at least next to impossible with a unix type mailbox systems.
well no not really that depends on the milserver you use. However it is impossible using maildir instead of mbox.
participants (10)
-
Andrew Boothman
-
Avery Day
-
Brook Humphrey
-
James Moser
-
Jared
-
Jonas Smedegaard
-
Mark E. Mallett
-
Rick Johnson
-
seth vidal
-
Xavier Beaudouin