Configuring Two Postfix mail servers behind HA Proxy load balancer.
Manoj Burande
I am trying to setup a Postfix Mail Server on Fedora10. I am trying
to learn the basic process of setting up and manage a Postfix Mail
Server. Also trying to build a High-Available Postfix Mail Server
set. I have already configured HA Proxy load balancer servers. I just
wanted to place my two postfix mail server behind it.
Is there ANYBODY help me to accomplish the same. Or please provide me
online stuff to set up mail servers behind load balancer.
--
Manoj M. Burande,
Artificial Machines Pvt Ltd,
System Administrator.
Manoj Burande
Christian Recktenwald
a while and co-maintained some exim (oops, I used the 'e' word ;-)
based mail servers also.
On Fri, Nov 27, 2009 at 01:21:13PM +0530, Manoj Burande wrote:
> I am trying to setup a Postfix Mail Server on Fedora10. I am trying
> to learn the basic process of setting up and manage a Postfix Mail
> Server. Also trying to build a High-Available Postfix Mail Server
> set. I have already configured HA Proxy load balancer servers. I just
> wanted to place my two postfix mail server behind it.
First of all I'd like to ask you if you took into account that esp.
email (smtp) has intrinsic features providing service failover and
simple load balancing machanisms.
If you have two mailservers and can give them two differnet IP addresses
you might want to set just two MX records inside your DNS zone file like this:
mydomain.tld IN MX 10 mailserver1.mydomain.tld.
mydomain.tld IN MX 10 mailserver2.mydomain.tld.
Taking into account that the sending mta will take one or the other
host and would give the other one a try if the first one fails,
you might already get wat you want.
In the case this would not solve your problem let's go into detail.
An MTA's work can be divided into several tasks:
- reception of an smtp delivery
- mail evaluation (filtering, scoring)
- mail routing
- mail delivery
- local
- remote
Each of this has different requirements concerning system
resources and environment.
- reception of an smtp delivery
nothing special regarding load balancing:
listen on port 25/tcp, talk (e)smtp
concerning rcpt verification you have to make sure
both servers have a copy of the user and alias data.
- mail evaluation (filtering, scoring)
nothing special either. Just make sure the rule sets are
the same on each system. A Bayes filter may require
some attention on how you handle the Bayes database:
you could just have every system have it's own, relying
on statistical effects to hold them in equivalent state,
simply replicate one of them to the other system the hard way
(cron, rsync) or use a shared storage like spamassassin with
mysql.
- mail routing
also nothing special. Just keep information in sync.
- remote mail delivery
also nothing special. Just keep information in sync.
Maybe you need a source NAT gateway if you can't provide
each system with its own publicly visible ip address.
Up to here it would be straight forward. But ...
- local mail delivery
if you plan to put your email onto disk (local mailspool,
pop, imap, ...) here, you will face a problem: every host writes
on its own disk so the user would have to check on both systems
for his mail - bad idea.
This could be solved by
- a shared storage: NFS Server, NAS, Database (DBMail)
- additional dedicated IMAP or POP Server
Please keep in mind that for high availability you would have to
get the shared storage as well redundant (e.g. Linux w. DRBD, MySQL
cluster) as the load balancer itself (e.g. heartbeat).
HTH, Chris
--
Christian Recktenwald
postfix-u...@citecs.de
Brian Mathis
<manoj....@artificialmachines.com> wrote:
> Hello All,
>
> I am trying to setup a Postfix Mail Server on Fedora10. I am trying
> to learn the basic process of setting up and manage a Postfix Mail
> Server. Also trying to build a High-Available Postfix Mail Server
> set. I have already configured HA Proxy load balancer servers. I just
> wanted to place my two postfix mail server behind it.
>
> online stuff to set up mail servers behind load balancer.
>
> --
> Manoj M. Burande,
> Artificial Machines Pvt Ltd,
> System Administrator.
I'm sure others can help with the HA setup, but I must say that you
should not be building a server (especially an HA one!) based on any
Fedora distro. Fedora is Redhat's testbed where they use very beta
software and is also mainly targeted for dekstop users. It is
absolutely inappropriate for a server setup. Please look at CentOS
for a server-grade Linux distro that is Redhat-based and suitable for
running a server on.
Stefan Förster
> I am trying to setup a Postfix Mail Server on Fedora10. I am trying
> to learn the basic process of setting up and manage a Postfix Mail
> Server.
Trying to learn Postfix by implementing a HA solution is not really a
suitable way, IMHO. In case nobody else is going to post those links:
http://www.postfix.org/BASIC_CONFIGURATION_README.html
http://www.postfix.org/STANDARD_CONFIGURATION_README.html
Perhaps you might want to set up a standard Postfix mailserver before
you work on an HA setup.
> Also trying to build a High-Available Postfix Mail Server
> set. I have already configured HA Proxy load balancer servers. I just
> wanted to place my two postfix mail server behind it.
>
> Is there ANYBODY help me to accomplish the same. Or please provide me
> online stuff to set up mail servers behind load balancer.
The way the SMTP protocl is designe, load balancers are almost always
unnecessary - even HA loadbalancers might reduce availability (if your
only MX entry points to the LB and the receiving Postfix server dies
mid-transaction).
What you want to look at when talking about a HA setup is the
availability to continuously process a mail queue even if one node
dies. You should have a very good reason to invest in such a setup,
for example, sending out large newsletters. If your mailservers
typically run with very small queues and a loss/delay of a single mail
is not a big deal, simply configure two mail servers (and make your
IMAP server/$WHATEVER clustered).
If you absolutely need to make sure that queued mails will be
processed even if the node that "owned" the queue dies, then - and
only then - try to setup a cluster.
So, a quick list of things you should get accomplished:
1. Get a HA storage solution. If e.g. it is some SAN/iSCSI stuff, get it
connected to you two nodes and configure a cluster filesystem (someone
might comment on why a queue on NFS is not a good idea).
Whatever you do, make sure both nodes can access the same filesystem.
2. Get a clustering software working and installed on your nodes.
Pacemaker/Corosync should do the job.
3. Configure two Postfix instances, each with it's own queue
directory. If you don't want to store it's binaries/configuration
files on the clustered filesystem, figure out a way to keep them in
sync on both nodes.
4. Write yourself a resource agent which is capable of stopping and
starting an instance.
5. In your clustering software, configure a "mailserver" resource
using the resource agents from the previous step, and add other
cluster resources (stonith devices, virtual IP addresses) as needed.
Once you are finished, when one of your nodes dies, the Postfix
instance will be started on the remaining node. Since the queue
directory will still be available (clustered filesystem, you
remember?), processing of the queue will continue.
All of this of course doesn't guarantee your users will have access to
your mails - you'll basically need to repeat the above steps for your
IMAP/POP3 server.
Ciao
Stefan
--
Stefan Förster http://www.incertum.net/ Public Key: 0xBBE2A9E9
Tapferkeit ist ein Anfall, der bei den meisten Menschen schnell vorübergeht.