[Dovecot] Incoming mails + remote backup
Hello,
I have to take two copy of incoming mails on different servers(local & remote). I am using plain server without any panel on it and using sendmail, pop3 server Dovecot.
Is there a way(any configurations) to take a remote backup for all incoming mails? except configuring forwarder to each mail ID !!!!
Waiting for suggestions. Thanks in advance
-- View this message in context: http://old.nabble.com/Incoming-mails-%2B-remote-backup-tp28137629p28137629.h... Sent from the Dovecot mailing list archive at Nabble.com.
On Sun, Apr 04, 2010 at 11:48:55PM -0700, minim wrote:
I have to take two copy of incoming mails on different servers(local & remote). I am using plain server without any panel on it and using sendmail, pop3 server Dovecot.
Is there a way(any configurations) to take a remote backup for all incoming mails? except configuring forwarder to each mail ID !!!!
Oh yes, quite a few:
Do it on delivery (by configuring your MTA to deliver to two places at once)
Use a tool like imapsync to replicate the mailboxes using IMAP periodically
Use filesystem-level replication (e.g. rsync/unison, ZFS mirroring)
Use block-level replication (e.g. drbd, Netapp snap-mirror)
Which you use will depend partly on what the replica is being used for, e.g. just for archive/audit; how quickly it has to be in sync; what happens when the remote replica is unreachable; and whether you want to be able to failover to the replica for 'live' use, and fail back again.
B.
Brian Candler wrote:
On Sun, Apr 04, 2010 at 11:48:55PM -0700, minim wrote:
I have to take two copy of incoming mails on different servers(local & remote). I am using plain server without any panel on it and using sendmail, pop3 server Dovecot.
Is there a way(any configurations) to take a remote backup for all incoming mails? except configuring forwarder to each mail ID !!!!
Oh yes, quite a few:
Do it on delivery (by configuring your MTA to deliver to two places at once)
Use a tool like imapsync to replicate the mailboxes using IMAP periodically
Use filesystem-level replication (e.g. rsync/unison, ZFS mirroring)
Use block-level replication (e.g. drbd, Netapp snap-mirror)
Which you use will depend partly on what the replica is being used for, e.g. just for archive/audit; how quickly it has to be in sync; what happens when the remote replica is unreachable; and whether you want to be able to failover to the replica for 'live' use, and fail back again.
B.
Thanks for responding. Is it possible to configure MTA to deliver to remote servers? I have tried with imapsync and able to transfer single mail account to remote server. Is there a way to transfer whole server's mail account using imapsync?
-- View this message in context: http://old.nabble.com/Incoming-mails-%2B-remote-backup-tp28137629p28150731.h... Sent from the Dovecot mailing list archive at Nabble.com.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 6 Apr 2010, minim wrote:
mails? except configuring forwarder to each mail ID !!!!
Is it possible to configure MTA to deliver to remote servers?
sendmail can deliver to TCP or Unix socket or via a program. But sendmail cannot deliver the same message twice, once the delivery takes place. As you do not want to add a forward or alias for each account, which probably can be created automatically, you could add a wrapper around your LDA/MDA, that copies the cloned message to yet another system, e.g.:
normal:
/etc/mail/smrsh/dovecot-deliver -f $g -d $u
Wrapper:
/etc/mail/smrsh/wrapper --mode sendmail -f $g -d $u -m $h
=== #!/bin/bash
tmpf=/tmp/wrap.$$.tmp trap 'rc=$?; rm -f '$tmpf' 2> /dev/null;exit $rc' EXIT
cat - > $tmpf || exit /etc/mail/smrsh/dovecot-deliver "$@" < $tmpf || exit #ssh otherserver /etc/mail/smrsh/dovecot-deliver "$@" < $tmpf exit 0
The #ssh line is to forward the message.
you could code a LMTP proxy, sendmail then talks LMTP to the LDA, which splits its input, in order to forward the commands to another LMTP server and calls Dovecot's deliver locally.
BTW: rsync works (see mailing list) reasonably well.
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS7suJb+Vh58GPL/cAQLLHQf/RKjWI1Orb85NpZk2F2OW91laBYa8Hc4t EX4+GccPewSQaYSL6Xat2HN7m7JhNfGqP7byzAPS0UmtSbqp2bQr83pZidVps9rt SwgxUHlxvWn8SoQ2PI25KmDn9SpIv8IM2FxD1S91dLD8x1w41/zTaVzngOviEn0W Doj/hlY/SHU3N0j/usBHX/UtAxRtGs7SWiR8NkXsO+0WE768S5ZejbLZicEoDJxU TYVpT0sqROnysCXsE+AI3pwxm6dcVcbOLxq/gPlLHFwv6DqEwpOvL92I89qzDS61 +UGRh4lf/G/8PpsFd/oK+VVojb6nDuD/qyv5a1Y4ivo8CwMKiWM3lQ== =UGdi -----END PGP SIGNATURE-----
Steffen Kaiser-9 wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 6 Apr 2010, minim wrote:
mails? except configuring forwarder to each mail ID !!!!
Is it possible to configure MTA to deliver to remote servers?
sendmail can deliver to TCP or Unix socket or via a program. But sendmail cannot deliver the same message twice, once the delivery takes place. As you do not want to add a forward or alias for each account, which probably can be created automatically, you could add a wrapper around your LDA/MDA, that copies the cloned message to yet another system, e.g.:
normal:
/etc/mail/smrsh/dovecot-deliver -f $g -d $u
Wrapper:
/etc/mail/smrsh/wrapper --mode sendmail -f $g -d $u -m $h
=== #!/bin/bash
tmpf=/tmp/wrap.$$.tmp trap 'rc=$?; rm -f '$tmpf' 2> /dev/null;exit $rc' EXIT
cat - > $tmpf || exit /etc/mail/smrsh/dovecot-deliver "$@" < $tmpf || exit #ssh otherserver /etc/mail/smrsh/dovecot-deliver "$@" < $tmpf exit 0
The #ssh line is to forward the message.
you could code a LMTP proxy, sendmail then talks LMTP to the LDA, which splits its input, in order to forward the commands to another LMTP server and calls Dovecot's deliver locally.
BTW: rsync works (see mailing list) reasonably well.
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS7suJb+Vh58GPL/cAQLLHQf/RKjWI1Orb85NpZk2F2OW91laBYa8Hc4t EX4+GccPewSQaYSL6Xat2HN7m7JhNfGqP7byzAPS0UmtSbqp2bQr83pZidVps9rt SwgxUHlxvWn8SoQ2PI25KmDn9SpIv8IM2FxD1S91dLD8x1w41/zTaVzngOviEn0W Doj/hlY/SHU3N0j/usBHX/UtAxRtGs7SWiR8NkXsO+0WE768S5ZejbLZicEoDJxU TYVpT0sqROnysCXsE+AI3pwxm6dcVcbOLxq/gPlLHFwv6DqEwpOvL92I89qzDS61 +UGRh4lf/G/8PpsFd/oK+VVojb6nDuD/qyv5a1Y4ivo8CwMKiWM3lQ== =UGdi -----END PGP SIGNATURE-----
Thanks for responding :) Where and how should I use the below wrappers? /etc/mail/smrsh/wrapper --mode sendmail -f $g -d $u -m $h
-- View this message in context: http://old.nabble.com/Incoming-mails-%2B-remote-backup-tp28137629p28175012.h... Sent from the Dovecot mailing list archive at Nabble.com.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 8 Apr 2010, minim wrote:
Where and how should I use the below wrappers?
You are meddling with the local delivery section of your MTA setup. If you are using sendmail's mc files, change it there. Sadly, lots of distros make the configuration of sendmail "easy" via GUIs, so look there.
/etc/mail/smrsh/wrapper --mode sendmail -f $g -d $u -m $h ^^^^^^^^^^^^^^^^
Remove --mode sendmail, I forgot to remove the arguments, they are part of my personal patches only.
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS72XkL+Vh58GPL/cAQJe+gf/fNATDw38IhW88Bedjftfm6zmmdfvdTMU wekkMMAkv/8d68HtHvpkZ1ffWIvz0wwzH7wxeXvYCSrEZR/LigtGaB4kZRDkBMr0 APU1b1SizRUy05M2o+JTjVdd0a0IWY9REzYYVrdxb1z9IQZnh2NOghhaZCF/iw7f dtFU+ymdAr1i2H4J4NRorAXlkB28d3HGEzbUIvGQS1CcVQ/IJvp9RzbEbPVfADdM Roc2UCShE9RMv8l8H0Qu82HCDztVoivBpq7ZUj8GuU4+FwqsG1vCfEwE6MFc0vud L+eqKP6YqSekTMbAkkIEKTgoO9TFFwiyOXyXLEm27Mcow7CZp74GBw== =ZKz+ -----END PGP SIGNATURE-----
Thanks for your lot more help :)
(-f $g -d $u -m $h) - What are these three options???
Right now I have /etc/smrsh/wrapper and I can find the below line in my sendmail.mc file.
******** FEATURE(smrsh', /usr/sbin/smrsh')dnl ***************
How should I make changes in sendmail.mc file and Is this the only change I should make for things to work??
Thanks in advance.
Steffen Kaiser-9 wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 8 Apr 2010, minim wrote:
Where and how should I use the below wrappers?
You are meddling with the local delivery section of your MTA setup. If you are using sendmail's mc files, change it there. Sadly, lots of distros make the configuration of sendmail "easy" via GUIs, so look there.
/etc/mail/smrsh/wrapper --mode sendmail -f $g -d $u -m $h ^^^^^^^^^^^^^^^^
Remove --mode sendmail, I forgot to remove the arguments, they are part of my personal patches only.
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS72XkL+Vh58GPL/cAQJe+gf/fNATDw38IhW88Bedjftfm6zmmdfvdTMU wekkMMAkv/8d68HtHvpkZ1ffWIvz0wwzH7wxeXvYCSrEZR/LigtGaB4kZRDkBMr0 APU1b1SizRUy05M2o+JTjVdd0a0IWY9REzYYVrdxb1z9IQZnh2NOghhaZCF/iw7f dtFU+ymdAr1i2H4J4NRorAXlkB28d3HGEzbUIvGQS1CcVQ/IJvp9RzbEbPVfADdM Roc2UCShE9RMv8l8H0Qu82HCDztVoivBpq7ZUj8GuU4+FwqsG1vCfEwE6MFc0vud L+eqKP6YqSekTMbAkkIEKTgoO9TFFwiyOXyXLEm27Mcow7CZp74GBw== =ZKz+ -----END PGP SIGNATURE-----
-- View this message in context: http://old.nabble.com/Incoming-mails-%2B-remote-backup-tp28137629p28176028.h... Sent from the Dovecot mailing list archive at Nabble.com.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 8 Apr 2010, minim wrote:
(-f $g -d $u -m $h) - What are these three options???
Look at my sample wrapper script, these are passed through to Dovecot deliver.
Right now I have /etc/smrsh/wrapper and I can find the below line in my sendmail.mc file.
******** FEATURE(
smrsh',/usr/sbin/smrsh')dnl ***************
Not the right place.
How should I make changes in sendmail.mc file and Is this the only change I should make for things to work??
You have to configure sendmail to use this wrapper script as your local delivery agent. There are several methods to define it, e.g. via "dovecot" mailer as per Dovecot wiki, or via "procmail" feature, or by changing the local mailer directly. (maybe many more)
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS72jtr+Vh58GPL/cAQKBsAf+PHofL06K76si1eIZFazd6UxIpgk0SDNa 7/LVXfhNLVCGlj1OvvTNg/ag7HqtThtC/6J/oaiYUvLccPGDdNeSIxI0gSqNBl4c I0hrHcY3nTkkKe2uCgNek8iKRgU+uAkXXChWld7V0jRmp7JY35GEfrC+1NBghd86 sOKAeqM9Je5dJ4eYS7eeVnDHDvTS1fKVKcurb2fjJFxwvey7yHjjOYo/fYjh2hsa iCcV+CpmcPRLv0TcVm5gGC5VZ00I3n3DxIFtO5QKaOrd2FenNbDlORXsE1QPl7Lw d5MHog+1dUGsXAw9kgCZIMTjS7Yzx00by9Skpv1mPk2oZxUT93j/Ag== =fq6/ -----END PGP SIGNATURE-----
On Tue, Apr 06, 2010 at 04:59:11AM -0700, minim wrote:
Is it possible to configure MTA to deliver to remote servers?
Certainly. For any complex mail delivery requirements, I'd say that exim is your friend. You can set up routers and transports to do whatever you like.
This is out of the scope of dovecot of course, but the exim-users mailing list will be helpful if you get stuck.
I have tried with imapsync and able to transfer single mail account to remote server. Is there a way to transfer whole server's mail account using imapsync?
I don't think so, not without some major frigs; you'd need the login credentials of each user to establish the imap connections.
This is where filesystem-level synchronisation like unison may help. I'd strongly recommend Maildir format, and you may get problems if users frequently access their mailboxes on both the primary and the backup servers, because you may end up with conflicting changes made at both sides. Using Maildir, no mail should be lost, but there may be conflicts over metadata like message flags and UIDs.
If you're keeping the backup just for disaster recovery, it should be fine.
(I use unison for syncing Maildirs between my desktop and laptop all the time, but I access the Maildirs directly using mutt, rather than via IMAP)
B.
On Tue, Apr 06, 2010 at 02:35:20PM +0100, Brian Candler wrote:
I have tried with imapsync and able to transfer single mail account to remote server. Is there a way to transfer whole server's mail account using imapsync?
I don't think so, not without some major frigs; you'd need the login credentials of each user to establish the imap connections.
Actually, I just found out about this: http://wiki.dovecot.org/Authentication/MasterUsers
However I still think you'd need to sync each user's mailbox individually. Maybe some clever tricks like monitoring the filesystem with inotify could make it happen on-demand.
participants (3)
-
Brian Candler
-
minim
-
Steffen Kaiser