Welcome! Log In Create A New Profile

Advanced

Building a redundant mail service

Previous Message Next Message
Forum List Message List New Topic Print View
Nikolaos Milas
September 18, 2014 08:04AM
Hello,

I would appreciate your advice on the following:

We are trying to build a redundant mail service, and we are
investigating the use of nginx as smtp/pop3/imap proxy with TLS/SSL
support (ports 25/587, 143/993, 110/995).

We already have two production mail servers, vmail1 and vmail2, running
postfix/dovecot (with virtual users on LDAP), each running on a separate
data center.

vmail1 is the main one (i.e. the one used to send mail and host users'
mailboxes), vmail2 is only used as a backup.

Mailboxes are using Maildir format and are being synced (in near
real-time) using dovecot dsync service.

IMPORTANT: Each of the two servers has its own distinct server name and
its own separate certificate. This allows proper parallel operation of
postfix and dovecot IMAP syncing.

(I will not describe the incoming mail process, because it is beyond the
scope of this mail.)

Our goal is to allow our users to always use one address, say
*vmail.example.com*, to automatically access SMTP/POP3/IMAP services at
vmail1 and, only if vmail1 is down, at vmail2.

DNS could offer a solution: creating, for example, a CNAME
"vmail.example.com" pointing to vmail1 would probably solve the problem
by using a very low DNS record refresh time and use a script to monitor
vmail1 availability; if vmail1 is down, the script could update the
CNAME to point to vmail2 instead (and force a zone refresh). This could
leave a small downtime window (depending on the refresh time configured).

Yet, I am thinking that it may be more advantageous to use another two
*identical* VMs (one on each data center, for redundancy) running NGINX,
with the common name (and a common certificate for) vmail.example.com
(in DNS: an A record with two IP Addresses). Both proxies would
automatically redirect (via NGINX) all SMTP/POP3/IMAP requests to vmail1
and, only if vmail1 is down, to vmail2, while the user will always
see/configure vmail.example.com as their mail server.

Is this a feasible scenario? Any hints, experiences, configuration
advice, pitfalls, alternative approaches etc. would be greatly appreciated.

Please advise.

Thanks in advance,
Nick

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

Building a redundant mail service

Nikolaos Milas September 18, 2014 08:04AM

Re: Building a redundant mail service

Cugar15 December 17, 2015 04:55AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 217
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready