I'll post about it on my blog - http://portaldeveloper.blogspot.com, will k try to get a visio diagram in there..
But here's the jist of it..
- Mailrouter (postfix w/ ldap support)
- Mailhost1 (postfix / mailDir delivery / courier-imapd w/ ldap support)
- Mailhost2 (postfix / mailDir delivery / courier-imapd w/ ldap support)
The mailhosts are individual partitions of the entire mail delivery landscape. Basically, each server holds it's own set of users - let's say 75K per server. OpenLDAP will be installed on the mailhost(s), and will only hold user accounts and deliver only to users that it services (share nothing approach).
we'll have a ldap tree like this
dc=testbed, dc=com ou=vmail, dc=testbed, dc=com ou=mailhost1, ou=vmail, dc=testbed, dc=com ou=mailhost2, ou=vmail, dc=testbed, dc=com
mailhost1 has an ldap server (master) that services users under the subtree
ou=mailhost1, ou=vmail, dc=testbed, dc=com
mailhost2 has an ldap server (master) that services users under the subtree
ou=mailhost2, ou=vmail, dc=testbed, dc=com
now for the mailrouter, it's also has it's own local ldap server, which sync-replicates from the two master. Basically, it will tie together those two subtrees into one consistent view for use by postfix on the mailrouter, the end result is an smtp forward to the proper backend mailhost for local delivery.
so that a ldap subsearch on ou=vmail, dc=testbed, dc=com with something like
(&(objectClass=CourierMailAccount)(mail=someusers@somemail.com))
will return the mailHost attribute <-- postfix will automatically forward the message to the properly mailhost for local delivery.
Now for horizontal scalability, it's easy enough to add a new mailhost that will service another 75k users. If the mailrouter is becoming a bottle - it's also quite easy to scale it by adding another mailrouter box.
HUB = mailrouter SPOKE = mailhosts
If you want to prototype such a system and need help in configuring all the various bit, e-mail me and i'll send you the compile flags, configuration files..
G
Hi George Daswani,
This looks like a fine architecture to me, but I do have one question.
What is the reason you are going to use courier-imapd? I do use it myself currently in combination with ldap, but I'm considering dovecot. As far as I can find information about it, it seems a little more scalable and has better performance in large environments. What is your experience with it?
Maybe the quota support, but in a webmail-only environment this could largely be solved in postfix, I guess.
Greetings! Pieter Hoekstra.
George Daswani schreef:
One of the admins used Courier-IMAP in a production setting and liked it (in conjunction with postfix) in terms of stability. I personally have not use dovecot, hence won't be able to comment.
In regards to a users quota, yes - it's not really an issue as postfix supports mailDir quota's on delivery.. I'm not sure if other imap servers reads the maildirsize file.
G
-
George Daswani -
Pieter