I was faced with some similar problems a few years ago. I have a
(somewhat outdated) write-up with references here:
http://www.eecs.tufts.edu/~dert/mail-design.html

The basic problem was that my manager didn't want to deploy NFS on
our BSDi boxen. Primary goals were scalability, a component-based
architecture, and fault-tolerance. We wanted to be able to lose a
few servers (including the loss of local disk) with zero downtime
and zero loss of data. We also wanted a flat structure (without the
distinction between MXers and POPers) for easier management.

My solution involves an lbnamed-like dynamic DNS server and a POP
proxy. The users POP mail off of lusername.zone.domain.dom and the
POP proxy performs identical operations on all servers mirroring the
mail spool of the user.

There are no synchronization issues because the same operations
are performed on all mirrors at the same time. The cluster is
easily tuned for greater performance (just add more nodes) or greater
fault-tolerance (just add more mirrors). Only data actually used
is ever stored on the servers, and it's stored locally, so I/O does
not impact the network.

The dynamic DNS server bit may be the most useful to you because it
can resolve geography issues and quickly transfer load from the local
(and broken) server to the remote (and happy) server.

#if Betsy Schwartz /* Apr 12, 15:01 */
> The basic requirement for mail is that no message should ever get
> lost. Slow delivery and duplicate delivery are undesirable but not
> stoppers. A small interruption of POP availability during failover
> is OK; interruption of inbound SMTP is not acceptable (but won't be
> a problem in this case)
#endif /* [EMAIL PROTECTED] */
--
Andy Davidoff
Sen. Unix SysAdmin
Tufts University
---
Send mail for the `bblisa' mailing list to `[EMAIL PROTECTED]'.
Mail administrative requests to `[EMAIL PROTECTED]'.
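
A minimal model of the fan-out described in the message above, added here as an example and not taken from the author's write-up or code. `Mirror`, `PopProxy` and the sample spool are hypothetical names and constructed data, with in-memory objects standing in for real POP servers; comparing the mirrors' replies is an assumption that goes beyond what the message states.

```python
SPOOL = [b"Subject: one\r\n\r\nhi\r\n", b"Subject: two\r\n\r\nyo\r\n"]  # constructed sample

class Mirror:
    """In-memory stand-in for one server holding a full copy of the spool."""
    def __init__(self, name, messages):
        self.name, self.up = name, True
        self.spool = dict(enumerate(messages, start=1))  # POP3 numbers from 1
        self.marked = set()

    def command(self, verb, n=None):
        if not self.up:
            raise ConnectionError(self.name)
        if verb == "QUIT":                 # UPDATE state: commit deletions
            for m in self.marked:
                del self.spool[m]
            self.marked.clear()
            return b"+OK"
        if verb not in ("RETR", "DELE"):
            return b"-ERR unknown command"
        if n in self.marked or n not in self.spool:
            return b"-ERR no such message"
        if verb == "DELE":
            self.marked.add(n)             # only marked until QUIT
            return b"+OK"
        return b"+OK\r\n" + self.spool[n]

class PopProxy:
    """Hypothetical proxy: sends each client command to every mirror."""
    def __init__(self, mirrors):
        self.mirrors = list(mirrors)

    def command(self, verb, n=None):
        replies = {}
        for m in list(self.mirrors):
            try:
                replies[m.name] = m.command(verb, n)
            except ConnectionError:
                self.mirrors.remove(m)     # lost node: serve from the rest
        if not replies:
            raise RuntimeError("no mirror reachable")
        if len(set(replies.values())) != 1:
            raise RuntimeError("mirrors diverged: %r" % replies)
        return next(iter(replies.values()))
```

Because every mirror sees the same command sequence, the committed spools stay equal without a separate replication step, and any mismatch in replies surfaces as an error instead of being served to the client.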