Re: Email cluster
On Thu, Nov 17, 2005 at 05:52:29PM -0300, Pablo wrote:
> We use something like this in our network:
> - The MX has: AV+Spam filters; and relays all mails to the primary
> - The primary server has: pop and imap. Is the mail store and all
> mails from our users goes out through this machine (this is our
> smtp.mydomain.com and pop.mydomain.com)
>
> But what happens when one machine can't manage the entire load, but
> still needs to work with only one domain (e.g.: mydomain.com)? In this
> situation some kind of load balance is needed but I have no idea how
> to implement it.

just build another copy of the MX machine, and edit your DNS records to
add another MX at the same (or lower if you prefer) priority. repeat for
as many MX receivers as you want.

note that it is important to make sure that ALL the MX machines have a
list of valid recipient addresses for the domain(s) it serves. exactly
how to do this depends on what MTA software you use - with postfix, you
use a relay_recipient map. this prevents backscatter by enabling 5xx
rejection of mail for unknown users during the SMTP stage.

anyway, this model spreads the load of receiving, spam filtering, and
virus-checking incoming mail across multiple machines while keeping just
one pop/imap/outbound-smtp-relay machine for end-users to use.

another variant on the above is to have one big mail store / outbound
mail relay machine which exports the mail spool via NFS. the MX boxes
mount the mail spool and write mail directly to the spool (without
needing to relay it to the mail store machine). you'd have to use an
NFS-safe mailbox format like Maildir for this to work, AND some way of
sharing account information between machines (LDAP is probably best,
although it's feasible with simple scripts to keep the passwd file in
sync if you only have a few hundred or thousand users).

this second variant is probably better. one big advantage is that you
can set up multiple POP/IMAP machines which also mount the mail spool,
thus spreading the mail-reading load as well. another advantage is that
you don't need to sync the relay_recipient map across all the MX boxes
because you're using LDAP.

craig sanders <firstname.lastname@example.org> (part time cyborg)
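
Added example, not part of the original message: one way to generate the relay_recipient map that every MX needs in the first variant, from a copy of the mail store's passwd file. The file path, the UID range and the sample accounts are assumptions; aliases and other non-account addresses would have to be appended separately.

```python
"""Build a Postfix relay_recipient_maps source from passwd-format account data.

Assumed main.cf settings on every MX (the path is an assumption):
    relay_domains = mydomain.com
    relay_recipient_maps = hash:/etc/postfix/relay_recipients
Run `postmap /etc/postfix/relay_recipients` after writing the file.
"""

# Constructed sample of the mail store's passwd file (not real accounts).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/false
Carol:x:1003:1003:Carol:/home/carol:/bin/bash
broken-line-without-fields
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
"""

MIN_UID, MAX_UID = 1000, 60000  # assumption: mail users live in this UID range


def relay_recipients(passwd_text, domain, min_uid=MIN_UID, max_uid=MAX_UID):
    """Return the sorted list of user@domain addresses the MX should accept."""
    addrs = set()
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue  # skip malformed lines rather than publish a bogus key
        name, uid = fields[0], fields[2]
        if not uid.isdigit() or not (min_uid <= int(uid) <= max_uid):
            continue  # system accounts must not become valid recipients
        # The login shell is deliberately ignored: mail-only users often
        # have /bin/false. Keys are stored lowercase for table lookups.
        addrs.add(f"{name.lower()}@{domain.lower()}")
    return sorted(addrs)


def render_map(addrs):
    """Postfix table source format: key, whitespace, value (value is unused)."""
    return "".join(f"{addr}\tOK\n" for addr in addrs)


if __name__ == "__main__":
    print(render_map(relay_recipients(SAMPLE_PASSWD, "mydomain.com")), end="")
```

Any address missing from the generated table is refused during the SMTP dialogue, so the file has to be rebuilt and pushed to all MX hosts whenever accounts change.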