[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Can we build a proper email cluster? (was: Re: Why is debian.org email so unreliable?)

On Thu, 14 Oct 2004 01:47, Henrique de Moraes Holschuh <hmh@debian.org> wrote:
> On Wed, 13 Oct 2004, Russell Coker wrote:
> > On Wed, 13 Oct 2004 07:29, Henrique de Moraes Holschuh <hmh@debian.org> 
> > > We have a lot of resources, why can't we invest some of them into a
> > > small three or four machine cluster to handle all debian email (MLs
> > > included),
> >
> > A four machine cluster can be used for the entire email needs of a
> > 500,000 user ISP.  I really doubt that we need so much hardware.
> Including the needed redundancy (two MX at least), and a mailing list
> processing facility that absolutely has to have AV and AntiSPAM measures at
> least on the level gluck has right now?

The Debian email isn't that big.  We can do it all on a single machine 
(including spamassasin etc) with capacity to spare.

> Yes, one machine that is just a MTA, without AV or Antispam should be able
> to push enough mail for @d.o.

One machine should be able to do it with AV and antispam.  Four AV/antispam 
machines can handle the load for an ISP with almost 1,500,000 users, one 
should do for Debian.

> But we really should have two of them (in 
> different backbones), with the same priority as MX.


> It would be nice to 
> have a third MTA with less priority and heavier anti-spam machinery
> installed.

Bad idea.

> > OK, having a single dedicated mail server instead of a general machine
> > like master makes sense.
> Two so that we have some redundancy, please. IMHO email is important enough
> in Debian to deserve two full MX boxes (that never forward to one another).

As long as the machine is fixed within four days of a problem we don't need 
more than one.  Email can be delayed, it's something you have to get used to.

> > U320 is not required.  I don't believe that you can demonstrate any
> Required? No. Nice to have given the hardware prices available, probably.
> If the price difference is that big, U160 is more than enough.  But
> top-notch RAID hardware nowadays is always U320, so unless the hotswap U160
> enclosures and disks are that much cheaper...  and the price difference
> from a non top-notch HW RAID controller that is still really good, and a a
> top-notch one is not that big.

We don't need high-end hardware.  Debian's email requirements are nothing 
compared to any serious ISP.

> > http://www.umem.com/16GB_Battery_Backed_PCI_NVRAM.html
> How much?  It certainly looks very good.

If you want to buy one then you have to apply for a quote.

> > I've run an ISP with more than 1,000,000 users with LDAP used for the
> > back-end.  The way it worked was that mail came to front-end servers
> > which did LDAP lookups to determine which back-end server to deliver to. 
> > The
> I meant LDAP being used for the MTA routing and and rewriting. That's far
> more than one lookup per mail message :(

Yes, I've done all that too.  It's really no big deal.  Lots of Debian 
developers have run servers that make all Debian's servers look like toys by 

> > back-end server had Courier POP or IMAP do another LDAP lookup.  It
> > worked fine with about 5 LDAP servers for 1,000,000 users.
> Well, we are talking MTA and not mail stores.  The LDAP workload on a MTA
> is usually quite different for the one in a mail store.

Yes, it should be less load because you don't have POP or IMAP checks.

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: