Hi,
I will probably have to design an e-mail (and other components) infrastructure for a small ISP soon (WISP).
I'm doing some research to determine which components would be best to offer e-mail services to their client and allow the staff to manage accounts easily.
I usually use virtual machines a lot for isolation and easy backups and migration (when a hardware node is underpowered, it is easy to migrate one or more virtual machines to another hardware node easily).
I have looked at iSCSI and drbd for high-availability of the storage: http://www.pcpro.co.uk/realworld/82284/san-on-the-cheap/page1.html.
This looks like it should be doing a great job of high availability storage.
For mail server, I guess I should look at an MTA and IMAP/POP server that supports LDAP and/or MySQL for users. Postfix should be a good choice for MTA, as I know it (at least a little, but I know sendmail better). For IMAP/POP, I'm not sure... Would dovecot be sufficient, or should I try cyrus. I'd rather use components that are available for base or extras repository (or rpmforge). I think that squirrelmail and horde would do a good job for webmail.
There shoudn't be any troubles having some redundancy for DNS, web servers, mtas, but what about IMAP/POP? linux-HA? MySQL replication should be enough, I guess. Or maybe linux-HA as well. I wonder if I should add GFS to the mix to have multiple IMAP/POP servers use the same storage. Or maybe IMAP proxies?
Any insights welcome :).
Ugo
It's been awhile since I looked into it, but I recommend outsourcing your email.
Companies like fusemail (http://www.fusemail.com/solutions/resellers.html) will give you accounts at $0.69/month/account for a 1GB account (last time I checked anyway). They provide an API and a dashboard for managing it. They also handle backups, I believe (read the fine print before you trust me). I think there is spam filtering and anti-virus built in too.
On Jan 3, 2008 9:09 AM, Ugo Bellavance ugob@lubik.ca wrote:
Hi,
I will probably have to design an e-mail (and other components)infrastructure for a small ISP soon (WISP).
I'm doing some research to determine which components would be bestto offer e-mail services to their client and allow the staff to manage accounts easily.
I usually use virtual machines a lot for isolation and easy backupsand migration (when a hardware node is underpowered, it is easy to migrate one or more virtual machines to another hardware node easily).
I have looked at iSCSI and drbd for high-availability of thestorage: http://www.pcpro.co.uk/realworld/82284/san-on-the-cheap/page1.html.
This looks like it should be doing a great job of high availability storage.
For mail server, I guess I should look at an MTA and IMAP/POPserver that supports LDAP and/or MySQL for users. Postfix should be a good choice for MTA, as I know it (at least a little, but I know sendmail better). For IMAP/POP, I'm not sure... Would dovecot be sufficient, or should I try cyrus. I'd rather use components that are available for base or extras repository (or rpmforge). I think that squirrelmail and horde would do a good job for webmail.
There shoudn't be any troubles having some redundancy for DNS, webservers, mtas, but what about IMAP/POP? linux-HA? MySQL replication should be enough, I guess. Or maybe linux-HA as well. I wonder if I should add GFS to the mix to have multiple IMAP/POP servers use the same storage. Or maybe IMAP proxies?
Any insights welcome :).Ugo
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Gary Richardson wrote:
It's been awhile since I looked into it, but I recommend outsourcing your email.
Companies like fusemail (http://www.fusemail.com/solutions/resellers.html http://www.fusemail.com/solutions/resellers.html) will give you accounts at $0.69/month/account for a 1GB account (last time I checked anyway). They provide an API and a dashboard for managing it. They also handle backups, I believe (read the fine print before you trust me). I think there is spam filtering and anti-virus built in too.
Good idea, but that means no consulting fees for me ;).
I'll consider it, that is a fairly good idea.
Regards,
Ugo
ah but if you give them a quality product(even outsourced) and it works for them while you won't see the extra fees up front it will pay off in terms of they will call on you later for more help AND you will get referrals from others.
Ugo Bellavance wrote:
Gary Richardson wrote:
It's been awhile since I looked into it, but I recommend outsourcing your email.
Companies like fusemail (http://www.fusemail.com/solutions/resellers.html http://www.fusemail.com/solutions/resellers.html) will give you accounts at $0.69/month/account for a 1GB account (last time I checked anyway). They provide an API and a dashboard for managing it. They also handle backups, I believe (read the fine print before you trust me). I think there is spam filtering and anti-virus built in too.
Good idea, but that means no consulting fees for me ;).
I'll consider it, that is a fairly good idea.
Regards,
Ugo
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Gary Richardson wrote:
It's been awhile since I looked into it, but I recommend outsourcing your email.
Erks. I wonder why *anyone* in his sane mind would do so (okay, here it is smallish ISP but I - as a customer - trust my ISP to handle my mail and would get another ISP as soon as I knew that it is outsourcing mail).
For mail server, I guess I should look at an MTA and IMAP/POPserver that supports LDAP and/or MySQL for users. Postfix should be a good choice for MTA, as I know it (at least a little, but I know sendmail better).
Then why not use sendmail? Once it is configured properly, maintaining users is the same as with other MTAs.
For IMAP/POP, I'm not sure... Would dovecot be sufficient, or should I try cyrus. I'd rather use components that are available for base or extras repository (or rpmforge). I think that squirrelmail and horde would do a good job for webmail.
I've heard that dovecot scales pretty good. If you want to be on the safe side, cyrus probably scales way beyond what you need, but is also harder to maintain.
There shoudn't be any troubles having some redundancy for DNS, webservers, mtas, but what about IMAP/POP?
If you're already thinking about drbd - why not share the imap store also? And: There still is the Cyrus Murder for bigger setups, which allows for flexibility within IMAP frontend and backend servers.
Or maybe IMAP proxies?
See http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/CyrusCluster which should answer most of your questions regarding HA within an imap setup.
Cheers,
Ralph
Ralph Angenendt wrote:
Gary Richardson wrote:
It's been awhile since I looked into it, but I recommend outsourcing your email.
Erks. I wonder why *anyone* in his sane mind would do so (okay, here it is smallish ISP but I - as a customer - trust my ISP to handle my mail and would get another ISP as soon as I knew that it is outsourcing mail).
Thanks for the input. Other comments below.
For mail server, I guess I should look at an MTA and IMAP/POPserver that supports LDAP and/or MySQL for users. Postfix should be a good choice for MTA, as I know it (at least a little, but I know sendmail better).
Then why not use sendmail? Once it is configured properly, maintaining users is the same as with other MTAs.
I know that it supports ldap, but does it support MySQL or another DBMS for addresses lookup?
For IMAP/POP, I'm not sure... Would dovecot be sufficient, or should I try cyrus. I'd rather use components that are available for base or extras repository (or rpmforge). I think that squirrelmail and horde would do a good job for webmail.
I've heard that dovecot scales pretty good. If you want to be on the safe side, cyrus probably scales way beyond what you need, but is also harder to maintain.
Ok, but does it scales good like in one server can handle a lot or that it is easy to have multiple dovecot servers serve one domain in a transparent manner?
There shoudn't be any troubles having some redundancy for DNS, webservers, mtas, but what about IMAP/POP?
If you're already thinking about drbd - why not share the imap store also?
You're right. But I'd need to have a second server ready to take the load if the first crashes.
And: There still is the Cyrus Murder for bigger setups, which allows for flexibility within IMAP frontend and backend servers.
I wasn't aware of the existence of Cyrus Murder, I'll look it up.
Or maybe IMAP proxies?See http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/CyrusCluster which should answer most of your questions regarding HA within an imap setup.
Wow, that is great, thanks!
It's been awhile since I looked into it, but I recommend outsourcing your email.
Companies like fusemail (http://www.fusemail.com/solutions/resellers.html ) will give you accounts at $0.69/month/account for a 1GB account (last time I checked anyway). They provide an API and a dashboard for managing it. They also handle backups, I believe (read the fine print before you trust me). I think there is spam filtering and anti-virus built in too.
Kept thinking that as well. Only issue is that 0.69 x 2000 equals a pretty good chunk of change for us. One thing I would reccommend though is putting it in a colocation facillity rather then local. Also start with a beefy machine because its a real pain to upgrade later.
Matt
Matt wrote:
It's been awhile since I looked into it, but I recommend outsourcing your email.
Companies like fusemail (http://www.fusemail.com/solutions/resellers.html ) will give you accounts at $0.69/month/account for a 1GB account (last time I checked anyway). They provide an API and a dashboard for managing it. They also handle backups, I believe (read the fine print before you trust me). I think there is spam filtering and anti-virus built in too.
Kept thinking that as well. Only issue is that 0.69 x 2000 equals a pretty good chunk of change for us. One thing I would reccommend though is putting it in a colocation facillity rather then local. Also start with a beefy machine because its a real pain to upgrade later.
I don't know if they have space already, but I agree on colocation. For the upgrade, I'll probably virtualize it, so it is easy to upgrade the host when needed.
Regards,
Ugo
On Friday 04 January 2008 00:09:06 Ugo Bellavance wrote:
I think that squirrelmail and horde would do a good job for webmail.
There shoudn't be any troubles having some redundancy for DNS, web servers, mtas, but what about IMAP/POP? linux-HA? MySQL replication should be enough, I guess. Or maybe linux-HA as well. I wonder if I should add GFS to the mix to have multiple IMAP/POP servers use the same storage. Or maybe IMAP proxies?
Any insights welcome :).
Hi Ugo, Congrats on your plan opening the ISP. For webmail, a professional touch would be nice for your customer. Instead of using plain squirrelmail, try using http://www.nutsmail.com/ instead.
AFAIK, redundancy for mail server seldom uses linux-ha/any other failover stuffs. It is most common to use 'backup MX' in DNS settings. So, when the main server in unreachable, the sender mail server would try to the secondary MX through DNS query.
Fajar Priyanto wrote:
On Friday 04 January 2008 00:09:06 Ugo Bellavance wrote:
I think that squirrelmail and horde would do a good job for webmail.
There shoudn't be any troubles having some redundancy for DNS, web servers, mtas, but what about IMAP/POP? linux-HA? MySQL replication should be enough, I guess. Or maybe linux-HA as well. I wonder if I should add GFS to the mix to have multiple IMAP/POP servers use the same storage. Or maybe IMAP proxies?
Any insights welcome :).
Hi Ugo, Congrats on your plan opening the ISP.
Thanks, but I will only be doing some work for them, I'm not opening the ISP myself...
For webmail, a professional touch would be nice for your customer. Instead of using plain squirrelmail, try using http://www.nutsmail.com/ instead.
Good Idea
AFAIK, redundancy for mail server seldom uses linux-ha/any other failover stuffs. It is most common to use 'backup MX' in DNS settings. So, when the main server in unreachable, the sender mail server would try to the secondary MX through DNS query.
That's the easy part, but where do you store the e-mail once you have accepted it? If the pop/IMAP server is down for a while, people won't be able to retreive their e-mail...
On Friday 04 January 2008 10:30:32 Ugo Bellavance wrote:
AFAIK, redundancy for mail server seldom uses linux-ha/any other failover stuffs. It is most common to use 'backup MX' in DNS settings. So, when the main server in unreachable, the sender mail server would try to the secondary MX through DNS query.
That's the easy part, but where do you store the e-mail once you have accepted it? If the pop/IMAP server is down for a while, people won't be able to retreive their e-mail...
The secondary MX will temporarily store the mails. And when the primary server is up again, it will get all the mail from the secondary. Yes. there will be a down time in terms of mail service for users.
Maybe others can recommend a better best practice for this.
Fajar Priyanto wrote:
On Friday 04 January 2008 10:30:32 Ugo Bellavance wrote:
AFAIK, redundancy for mail server seldom uses linux-ha/any other failover stuffs. It is most common to use 'backup MX' in DNS settings. So, when the main server in unreachable, the sender mail server would try to the secondary MX through DNS query.
That's the easy part, but where do you store the e-mail once you have accepted it? If the pop/IMAP server is down for a while, people won't be able to retreive their e-mail...
The secondary MX will temporarily store the mails. And when the primary server is up again, it will get all the mail from the secondary. Yes. there will be a down time in terms of mail service for users.
Maybe others can recommend a better best practice for this.
Yes. No backup mx. You ought to have a cluster of mail servers to accept mails for your domain if you need HA. Otherwise, let incoming emails queue at their sending hosts as setting up a 'backup' mx that will only hold the email and then pass them onto the 'primary' is really pointless and only serves to 1) delay delivery of mail and 2) delay notification of mail delay to the sending party. It is no longer acceptable today to wait for a week before notifying the sender of non-delivery. The idea of a backup mx no longer fits today's communications.
Christopher Chan wrote:
Fajar Priyanto wrote:
On Friday 04 January 2008 10:30:32 Ugo Bellavance wrote:
AFAIK, redundancy for mail server seldom uses linux-ha/any other failover stuffs. It is most common to use 'backup MX' in DNS settings. So, when the main server in unreachable, the sender mail server would try to the secondary MX through DNS query.
That's the easy part, but where do you store the e-mail once you have accepted it? If the pop/IMAP server is down for a while, people won't be able to retreive their e-mail...
The secondary MX will temporarily store the mails. And when the primary server is up again, it will get all the mail from the secondary. Yes. there will be a down time in terms of mail service for users.
Maybe others can recommend a better best practice for this.
Yes. No backup mx. You ought to have a cluster of mail servers to accept mails for your domain if you need HA. Otherwise, let incoming emails queue at their sending hosts as setting up a 'backup' mx that will only hold the email and then pass them onto the 'primary' is really pointless and only serves to 1) delay delivery of mail and 2) delay notification of mail delay to the sending party. It is no longer acceptable today to wait for a week before notifying the sender of non-delivery. The idea of a backup mx no longer fits today's communications.
I agree, and I don't want to have any client not being able to contact the pop/IMAP server for more than 15 minutes.
Ugo
On Thu, Jan 03, 2008, Ugo Bellavance wrote:
Hi,
I will probably have to design an e-mail (and other components) infrastructure for a small ISP soon (WISP).
See my previous post on sizing mail servers. The setup there is in use at several of our regional ISP customers, and has been very solid. It's a design that has evolved since we started building and selling systems for ISPs in 1994.
I'm doing some research to determine which components would be best to offer e-mail services to their client and allow the staff to manage accounts easily.
There are various tools available to do this. I have set up very restricted webmin configurations so the support people at the ISP could do the necessary things easily with minimal chance of major screwups (after I've patched some things in webmmin that allowed it to remove /home when somebody typed in a bad directory :-).
I usually use virtual machines a lot for isolation and easy backups and migration (when a hardware node is underpowered, it is easy to migrate one or more virtual machines to another hardware node easily).
I have looked at iSCSI and drbd for high-availability of the storage: http://www.pcpro.co.uk/realworld/82284/san-on-the-cheap/page1.html.
This looks like it should be doing a great job of high availability storage.
For mail server, I guess I should look at an MTA and IMAP/POP server that supports LDAP and/or MySQL for users. Postfix should be a good choice for MTA, as I know it (at least a little, but I know sendmail better). For IMAP/POP, I'm not sure... Would dovecot be sufficient, or should I try cyrus. I'd rather use components that are available for base or extras repository (or rpmforge). I think that squirrelmail and horde would do a good job for webmail.
The systems we build have postfix/amavise/clamav, courier-imap, and usually horde/imp for webmail. I personally don't like Cyrus as I prefer to use standard Maildir which allows easy clustering for mail delivery and IMAP/POP access.
There shoudn't be any troubles having some redundancy for DNS, web servers, mtas, but what about IMAP/POP? linux-HA? MySQL replication should be enough, I guess. Or maybe linux-HA as well. I wonder if I should add GFS to the mix to have multiple IMAP/POP servers use the same storage. Or maybe IMAP proxies?
Any insights welcome :).
I hope you're not charging your client for your learning curve.
Bill -- INTERNET: bill@celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
The whole aim of practical politics is to keep the populace alarmed (and hence clamorous to be led to safety) by an endless series of hobgoblins. -- H.L. Mencken, 1923
Bill Campbell wrote:
On Thu, Jan 03, 2008, Ugo Bellavance wrote:
Hi,
I will probably have to design an e-mail (and other components) infrastructure for a small ISP soon (WISP).
See my previous post on sizing mail servers. The setup there is in use at several of our regional ISP customers, and has been very solid. It's a design that has evolved since we started building and selling systems for ISPs in 1994.
Ok, but I can't seem to find it. Can you send me the link (see the 'archived-at' header in the message).
I'm doing some research to determine which components would be best to offer e-mail services to their client and allow the staff to manage accounts easily.
There are various tools available to do this. I have set up very restricted webmin configurations so the support people at the ISP could do the necessary things easily with minimal chance of major screwups (after I've patched some things in webmmin that allowed it to remove /home when somebody typed in a bad directory :-).
Makes sense, but hard to integrate with billing, for example. But could do. I'm trying to think long-term, while avoiding spending too much time/$.
I usually use virtual machines a lot for isolation and easy backups and migration (when a hardware node is underpowered, it is easy to migrate one or more virtual machines to another hardware node easily).
I have looked at iSCSI and drbd for high-availability of the storage: http://www.pcpro.co.uk/realworld/82284/san-on-the-cheap/page1.html.
This looks like it should be doing a great job of high availability storage.
For mail server, I guess I should look at an MTA and IMAP/POP server that supports LDAP and/or MySQL for users. Postfix should be a good choice for MTA, as I know it (at least a little, but I know sendmail better). For IMAP/POP, I'm not sure... Would dovecot be sufficient, or should I try cyrus. I'd rather use components that are available for base or extras repository (or rpmforge). I think that squirrelmail and horde would do a good job for webmail.
The systems we build have postfix/amavise/clamav, courier-imap, and usually horde/imp for webmail. I personally don't like Cyrus as I prefer to use standard Maildir which allows easy clustering for mail delivery and IMAP/POP access.
Ok, what do you mean by easy clustering? Over GFS? What make it hard to cluster in Cyrus?
There shoudn't be any troubles having some redundancy for DNS, web servers, mtas, but what about IMAP/POP? linux-HA? MySQL replication should be enough, I guess. Or maybe linux-HA as well. I wonder if I should add GFS to the mix to have multiple IMAP/POP servers use the same storage. Or maybe IMAP proxies?
Any insights welcome :).
I hope you're not charging your client for your learning curve.
Of course not. Actually, I'm doing research even before having the requirements, to know what is possible as soon as possible, once I have the requirements, and to be able to discuss with the potential client without having to say "I'll have to research on this" every 5 seconds.
Thanks a lot for your help :).
Ugo
I will probably have to design an e-mail (and other components)infrastructure for a small ISP soon (WISP).
I'm doing some research to determine which components would be best tooffer e-mail services to their client and allow the staff to manage accounts easily.
I usually use virtual machines a lot for isolation and easy backups andmigration (when a hardware node is underpowered, it is easy to migrate one or more virtual machines to another hardware node easily).
I have looked at iSCSI and drbd for high-availability of the storage:http://www.pcpro.co.uk/realworld/82284/san-on-the-cheap/page1.html.
This looks like it should be doing a great job of high availability storage.
For mail server, I guess I should look at an MTA and IMAP/POP serverthat supports LDAP and/or MySQL for users. Postfix should be a good choice for MTA, as I know it (at least a little, but I know sendmail better). For IMAP/POP, I'm not sure... Would dovecot be sufficient, or should I try cyrus. I'd rather use components that are available for base or extras repository (or rpmforge). I think that squirrelmail and horde would do a good job for webmail.
There shoudn't be any troubles having some redundancy for DNS, webservers, mtas, but what about IMAP/POP? linux-HA? MySQL replication should be enough, I guess. Or maybe linux-HA as well. I wonder if I should add GFS to the mix to have multiple IMAP/POP servers use the same storage. Or maybe IMAP proxies?
Any insights welcome :).
www.directadmin.com
Been running it on CentOS for years. Added Clamav and spamassassin to it. It utilizes Exim and dovecot along with standard bind and apache stuff. You pay monthly or yearly license fee. Its pretty cheap really. You can also pay a one time fee for a given machine.
Matt
Matt wrote:
I will probably have to design an e-mail (and other components)infrastructure for a small ISP soon (WISP).
I'm doing some research to determine which components would be best tooffer e-mail services to their client and allow the staff to manage accounts easily.
I usually use virtual machines a lot for isolation and easy backups andmigration (when a hardware node is underpowered, it is easy to migrate one or more virtual machines to another hardware node easily).
I have looked at iSCSI and drbd for high-availability of the storage:http://www.pcpro.co.uk/realworld/82284/san-on-the-cheap/page1.html.
This looks like it should be doing a great job of high availability storage.
For mail server, I guess I should look at an MTA and IMAP/POP serverthat supports LDAP and/or MySQL for users. Postfix should be a good choice for MTA, as I know it (at least a little, but I know sendmail better). For IMAP/POP, I'm not sure... Would dovecot be sufficient, or should I try cyrus. I'd rather use components that are available for base or extras repository (or rpmforge). I think that squirrelmail and horde would do a good job for webmail.
There shoudn't be any troubles having some redundancy for DNS, webservers, mtas, but what about IMAP/POP? linux-HA? MySQL replication should be enough, I guess. Or maybe linux-HA as well. I wonder if I should add GFS to the mix to have multiple IMAP/POP servers use the same storage. Or maybe IMAP proxies?
Any insights welcome :).www.directadmin.com
Been running it on CentOS for years. Added Clamav and spamassassin to it. It utilizes Exim and dovecot along with standard bind and apache stuff. You pay monthly or yearly license fee. Its pretty cheap really. You can also pay a one time fee for a given machine.
Thanks
Does it offer some kind of high availability features? Does it provides an API (for account creation/management from another system)?
-
Bill Campbell -
Christopher Chan -
Fajar Priyanto -
Gary Richardson -
Matt -
Ralph Angenendt -
Ugo Bellavance -
William Warren