Re: Upgrade a mail server
On Thu, Feb 14, 2002 at 10:33:49AM +0100, Javier Castillo Alcibar wrote:
> Hi all!!
> I have a debian 2.1 email server, with sendmail as smtp server, and
> qpopper as POP3 server. This box hosts several domains (about 100 different
> domains, using virtual hosting), with a total of 1300 users. Because the
> auth method is based on /etc/passwd, I have 1300 unix user accounts, one per
> mailbox, of course.
> This is becomming not scalable, and I want to start to use a mail
> server with auth based on sql, using MySQL for example. I am thinking in use
> a debian woody( I'll wait till woody becomes stable), with sendmail as smtp
> server, but I am not sure about the pop3 daemon I have to use.
Why isn't it scalable?
If the getpwent() calls are getting slow look at using libnss-db:
This package supports using the "db" mechanism for Name Service Switch.
Glibc 2.1.92 and before included this module, but it has been since been
split and is now a separate package. If you use .db files for your
passwd, shadow, group or other naming databases, then you need this module.
Looking things up in db files is simple, fast, and reliable. (An SQL
server is complex, slow for small data sets [ie, has a far higher startup
cost than a flat file], and the complexity can jeapordize the
Keeping the db file sync'd is done via 'make'. (See the 'pam_make'
module for fun.)
> My questions are:
> 1? what POP3 server do you recomend me to use, in order to use sql
> method for auth.??
If you still insist on SQL, use something like nss-mysql:
This package provides a Name Service Switch that allows your MySQL server
act as a name service. It currently features full account support
(shadow,passwd and group).
Installing nscd will make lookups much faster.
(Ie, nscd may cover up some of the startup costs by caching results.)
Then you can use whatever servers you want.
> 2? what's is the way to "transfer" the info (users, passwords,
> emails, etc....) from my old box to my new box and database??
A bit of perl to parse /etc/shadow into the database?
I'd still (and do) use libnss-db. Simple is good. I love MySQL, but
things like /etc/(passwd|shadow) are too critical to trust to something
as complex as MySQL when the db libraries are much much more reliable.