Re: Can we build a proper email cluster? (was: Re: Why is debian.org email so unreliable?)
On Thu, 14 Oct 2004 01:47, Henrique de Moraes Holschuh <hmh@debian.org> wrote:
> On Wed, 13 Oct 2004, Russell Coker wrote:
> > On Wed, 13 Oct 2004 07:29, Henrique de Moraes Holschuh <hmh@debian.org>
wrote:
> > > We have a lot of resources, why can't we invest some of them into a
> > > small three or four machine cluster to handle all debian email (MLs
> > > included),
> >
> > A four machine cluster can be used for the entire email needs of a
> > 500,000 user ISP. I really doubt that we need so much hardware.
>
> Including the needed redundancy (two MX at least), and a mailing list
> processing facility that absolutely has to have AV and AntiSPAM measures at
> least on the level gluck has right now?
The Debian email isn't that big. We can do it all on a single machine
(including spamassasin etc) with capacity to spare.
> Yes, one machine that is just a MTA, without AV or Antispam should be able
> to push enough mail for @d.o.
One machine should be able to do it with AV and antispam. Four AV/antispam
machines can handle the load for an ISP with almost 1,500,000 users, one
should do for Debian.
> But we really should have two of them (in
> different backbones), with the same priority as MX.
Why?
> It would be nice to
> have a third MTA with less priority and heavier anti-spam machinery
> installed.
Bad idea.
> > OK, having a single dedicated mail server instead of a general machine
> > like master makes sense.
>
> Two so that we have some redundancy, please. IMHO email is important enough
> in Debian to deserve two full MX boxes (that never forward to one another).
As long as the machine is fixed within four days of a problem we don't need
more than one. Email can be delayed, it's something you have to get used to.
> > U320 is not required. I don't believe that you can demonstrate any
>
> Required? No. Nice to have given the hardware prices available, probably.
> If the price difference is that big, U160 is more than enough. But
> top-notch RAID hardware nowadays is always U320, so unless the hotswap U160
> enclosures and disks are that much cheaper... and the price difference
> from a non top-notch HW RAID controller that is still really good, and a a
> top-notch one is not that big.
We don't need high-end hardware. Debian's email requirements are nothing
compared to any serious ISP.
> > http://www.umem.com/16GB_Battery_Backed_PCI_NVRAM.html
>
> How much? It certainly looks very good.
If you want to buy one then you have to apply for a quote.
> > I've run an ISP with more than 1,000,000 users with LDAP used for the
> > back-end. The way it worked was that mail came to front-end servers
> > which did LDAP lookups to determine which back-end server to deliver to.
> > The
>
> I meant LDAP being used for the MTA routing and and rewriting. That's far
> more than one lookup per mail message :(
Yes, I've done all that too. It's really no big deal. Lots of Debian
developers have run servers that make all Debian's servers look like toys by
comparison.
> > back-end server had Courier POP or IMAP do another LDAP lookup. It
> > worked fine with about 5 LDAP servers for 1,000,000 users.
>
> Well, we are talking MTA and not mail stores. The LDAP workload on a MTA
> is usually quite different for the one in a mail store.
Yes, it should be less load because you don't have POP or IMAP checks.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: