Svetozar Mihailov writes:
Hello all,I'm building Courier Cluster and have few questions. Hardware details: 4 core quad servers with 8GB ram, iscsi storage with gfs2. Full cluster will have total 8 servers. Questions: 1. Sam, This cluster will offer free hosting ( mail and www ) services for our customers which already pay for internet connectivity. Do I need some kind of license for courier suite? Is this changes if this hosting also offer payed services?
No and no.
2. DNS: Which dns structure is allowed/better: 2.1 One MX record for mail.example.com and 8 A records for each server. OR 2.2 Eight MX records with equal priority to c(1-8).mail.example.com for smtp and additional eight A records for mail.example.com for pop/imap.
I would suggest a combination, 4 MX records with two A addresses for each one.
2.2 I do not want to use load balancer because if load balancer dies everything stop. I will implement monitoring (ping?) daemon, which will add/remove servers to dns if some of them dies. Is there recomended minimal TTL for dns records in this case?
With eight servers, I wouldn't even bother, and leave the default TTL set to one day.
3. Do I need special care of file locking? All servers have consistent view of file system, and is possible one user to login to few servers at same time via pop/imap.
Locking is used very minimally, only in the IMAP server. No special consideration is necessary.
4. What about MAXPERIP setting? It is possible to make this cluster aware? Otherwise each user can login up to MAXPERIP times on each server at same time.
No, MAXPERIP is per-server.
5. I think to place /etc/courier and /etc/authdaemon on iscsi/gfs2 so all servers will see same configs all time. Modifying configs and running make* scripts will be done on one separate server. I'm thinking to create additional daemon, which will fam monitor this two folders and issue 'courier restart' and 'service authdaemon restart' on change. Is this will be ok?
This is ok, but you should carefully set each server's hostname. Each server needs to know its own FQDN.
5.1 /var/spool/courier will be also on iscsi/gfs2, but as I know it isnot possible to share this over servers?
Correct.
5.2 It is possible at compile time to move certificates from /usr/lib/courier/share to /etc/courier/share? Or just to symlink certificates to /etc/courier/share?
Use a symlink.
7. I use mysql backed with services separation like this (/etc/courier/imapd): ADDRESS=0 PORT=143,127.0.0.1.144 AUTHSERVICE143=imap AUTHSERVICE144=imapl AUTHSERVICE993=imaps It is possible to setup imap:143 to issue 'imaps' if user send STARTTLS before authentication? Or implement something like AUTHSERVICESSLADD=s' which depends only on connection status (clear/ssl|tls)? Same thing with pop3.
No, but that's a good point.
pgp9KVou7U2cF.pgp
Description: PGP signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
