Postfix + LDAP + Cluster

Ed plug at 0x1b.com
Wed Jun 2 09:33:57 MST 2010


Bryan - I think the idea is to separate the extraction of information
from the LDAP from the accessing of the information by Postfix. For
example drop the LDAP data to a flat file every X minutes - only if
there are changes - and have postfix access the flat file - aka on a
virtual_domain lookup use 'virtual_alias_domains =
hash:/etc/postfix/virtual_alias_maps' instead of virtual_alias_domains
= ldap: which can hang. I would do this for the config stuff and the
user lookup - once the email is in your system a momentary LDAP fail
is less of a problem - a delay not a drop. Also this means your LDAP
servers don't have to join your postfix gateways out in the DMZ -
which may be on the other end of an IPsec tunnel. etc etc

We really shouldn't be top posting - Dennisk will kill me.  ;)

On Tue, Jun 1, 2010 at 11:11 PM, Bryan O'Neal
<Bryan.ONeal at theonealandassociates.com> wrote:
> Good point for ldap - perhaps have a local ldap mirror in each server...
>
> On Tue, Jun 1, 2010 at 8:36 PM, Ed <plug at 0x1b.com> wrote:
>> Is this just a hot swap or some ghost servers?
>>
>> The best way is to set up your failover at the DNS level and at the
>> LDAP cluster. A heartbeat can bring on the mirror postfix if the
>> primary fails. You want to be dropping your LDAP info to a flat file
>> for postfix to work from on a regular interval - no reason for postfix
>> to stop if it can't reach the LDAP(s) "Temporary lookup failure".
>> Also, I would guess there is a database in there somewhere for the
>> email themselves - just make that a cluster too.
>>
>> I don't think Postfix is stateful on its own, just a queue that only
>> clears an email after delivery is confirmed to the next queue. If the
>> postfix machine dies before a message gets delivered, the message will
>> still be in the delivery queue, ready to be delivered.
>> or
>> http://readlist.com/lists/postfix.org/postfix-users/13/67961.html
>> or IPANY
>> http://www.gossamer-threads.com/lists/linuxha/users/63864
>>
>>
>> On Sun, May 30, 2010 at 7:57 PM, Bryan O'Neal
>> <Bryan.ONeal at theonealandassociates.com> wrote:
>>> Ok so I now have another postfix project (second one this week). This
>>> one specifies the following - CentOS servers, virtual users, ldap
>>> authentication (automatic user creation from ldap is a plus), and all
>>> mail and configs must be synced with a second box for redundancy.
>>>
>>> The configs are just an rsync issue, any recommendations on syncing mail?
>>>
>>>
>>> Anyone want to give me their two cents or point to a favorite how-to?
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>
>
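
The approach from the top message (export LDAP to a flat file, touch it only when something changed, let Postfix read the hash: file), sketched as an added example that is not part of the thread. The LDAP attribute names `mail` and `mailRoutingAddress`, the function names, and the `MIN_ENTRIES` guard are assumptions; the guard keeps an empty export from a failed LDAP query from replacing a good map.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed (constructed) names: the LDAP
# attributes "mail" and "mailRoutingAddress", and all function names.
MAP="${MAP:-/etc/postfix/virtual_alias_maps}"   # flat file Postfix reads
REBUILD="${REBUILD:-postmap}"                   # rebuilds the hash: table
MIN_ENTRIES="${MIN_ENTRIES:-1}"                 # smaller exports are rejected

# LDIF on stdin -> sorted "address destination" lines.
# Handles plain one-line values only (no base64 "attr::" or folded lines).
ldif_to_map() {
  awk '
    /^mail: /               { key = $2 }
    /^mailRoutingAddress: / { val = $2 }
    /^$/ { if (key != "" && val != "") print key, val; key = ""; val = "" }
    END  { if (key != "" && val != "") print key, val }
  ' | sort -u
}

# Install candidate file $1 over $MAP only when it is sane and different.
# Returns 0 = installed and rebuilt, 1 = unchanged, 2 = rejected or failed.
install_if_changed() {
  [ $(wc -l < "$1") -ge "$MIN_ENTRIES" ] || return 2
  cmp -s "$1" "$MAP" && return 1
  iic_tmp=$(mktemp "$MAP.XXXXXX") || return 2
  # Write beside the live file, then rename, so a reader never sees a
  # partial map. mktemp creates 0600; restore world-read because postmap
  # copies the source file's read permissions to the table it builds.
  cp "$1" "$iic_tmp" && chmod 644 "$iic_tmp" && mv -f "$iic_tmp" "$MAP" ||
    { rm -f "$iic_tmp"; return 2; }
  "$REBUILD" "$MAP" || return 2
}

# One sync run over an LDIF export file $1 (for example ldapsearch output).
# Call it only after the export command itself succeeded.
sync_from_ldif() {
  sfl_out=$(mktemp) || return 2
  ldif_to_map < "$1" > "$sfl_out"
  install_if_changed "$sfl_out"; sfl_rc=$?
  rm -f "$sfl_out"
  return "$sfl_rc"
}
```

Run from cron, a return of 2 is the case to alert on: Postfix keeps serving the last good map, but the export needs attention.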

