A fallback mailserver image

Request and discuss new features you would like to have.
Post Reply
Woger
Posts: 67
Joined: 15 Mar 2017 10:54

A fallback mailserver image

Post by Woger »

Hi,

I am using an EFA server for checking mail for a few hundred domains. It works great and I am very happy with it. I use an older server as fallback server. I want to replace the old server with also an EFA server but the system requirements for EFA force me to get a server which is way too heavy for being a fallback server.
I checked the memory usage on my EFA server and I see it uses only about 4Gb of memory (it has 8Gb). However the fallback server doesn't need apache and mysql to run as it would use the primary server for mysql. It also needs less diskspace as there is no mail stored.
So I guess an image with such a simplified installation of EFA would fit on a much more simple VPS and thus cheaper 8-)

Thanks,
Roger
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: A fallback mailserver image

Post by pdwalker »

If you're familiar with Linux, then the whole thing should be relatively simple. Just disable any of the services you don't need. Munin and WebAdmin are two obvious examples and depending on how you do your virus scanning, you could also disable clamd. Also, depending on how and where you've configured your DNS, you could also disable unbound.

A couple of questions though:

1/ why do you have a backup server? Is it in case your primary server is unavailable for some reason? If the primary server is unavailable, won't that impact your need for a mysql database?

2/ will your back up server be accepting mail concurrently with your primary server, such as being available via a secondary MX record, for example?
Woger
Posts: 67
Joined: 15 Mar 2017 10:54

Re: A fallback mailserver image

Post by Woger »

Sorry pdwalker, I was a bit busy last week.

Yes, I use the secondary server as a backup server for the first one. The first one has a MX record with 10 and the second with 100 so the first one should handle (almost) all mail. The second one is mostly as a backup when the first goes down to keep the mail flowing. At the moment the secondary is a different system (old Baruwa) but I want to build a new EFA system for that. I then want just one Mailwatch interface for both servers.
The normal VPS system (VMKD) has quite high system requirements and for that is very overpowered. Mine does about 2000 mails per hour and the cpu usage and I/O are not spiking above 10%.
The second one does about 100 mails an hour and also uses only few resources except memory.
Both server cost me about 50$ a month.
What I would like is a normal server as a primary and a simple version as a secundary. Offcourse it still needs postfix, mailscanner, spamassassin, clamd but should send all gathered data to the primary. If the primary is down it can temporally store it local until it the primary is up again. If you disable apache, mysql, munin and have for example only 2 mailscanner childs running, would make it possible to have a server with less system requirements.

I am not sure if this is even possible (the "primary down" and maybe copy the mail from secondary to primary is tricky)

As soon as I have a few free hours I will try to build a normal system with the installation package. I remember I could download it somewhere :think:
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: A fallback mailserver image

Post by pdwalker »

EFA does not yet support clustering, so you'd have two different EFA interfaces to manage. Training spam on one machine, for example, would not train the second machine and vice-versa.

Another possibility would be to configure your secondary MX host as a forwarder to your first, and configure that to spool your mail while your primary is out of action. I've done this before and it has worked well enough for me that I never really worry about taking my primary down.

The configuration is simpler, and you still get the benefit of a single EFA instance; but

a) some of the mail sent via the trusted secondary host might get flagged as "not spam" since the last host was trusted. (I might just have the primary host remove or rename the received header from the trusted host)

b) while your primary is down, people won't be able to receive mail - and depending on how their mail system is setup, be able to send it either. Oh, they won't lose mail people send them because the secondary will still store it and deliver it later.
Woger
Posts: 67
Joined: 15 Mar 2017 10:54

Re: A fallback mailserver image

Post by Woger »

I have a dedicated mail server behind the 2 mailgateways and in front of the 2 mailgateways there is another mailserver in another continent which just forwards mail to the 2 mailgateways.
However, I probably have to wait for EFA4 then. In the meantime I will try to replace the secondary by a EFA server build with the installation script on a system with lower requirements and see if it still runs.
TheGr8Wonder
Posts: 97
Joined: 01 Jul 2017 02:32

Re: A fallback mailserver image

Post by TheGr8Wonder »

Will the 2 eFa boxes be located in the same network/location? This is currently what I'm doing for my deployment.

If so, you can break apart the DB functions to a dedicated machine and then update the eFa code to reflect the changes. (These mods will need added every time you upgrade your eFa system). I'm going to assume you already have the know-how on how to create a clustered MariaDB cluster for resiliency.
  • On that new DB cluster, you'll create the DBs currently used in eFa, and import the data from your current main production eFa.
  • You will then create new DB users for all of eFa functions (sa/mailwatch/greylisting)
  • You'll then update the code on the eFa to reflect the new DB host and users/pass
eFa can then scale out at that point, all using the same central DB, pending your resources. Things like DB backup during the upgrades will no longer function.

If the 2 eFa will not be in the same network, you can then setup master/master MariaDB replication between the 2 boxes, with using the local DB instances installed at the time of eFa deployment.
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: A fallback mailserver image

Post by pdwalker »

Doesn't that create problems when viewing messages?

For example, message A to host A, message B to host B. The clustered DB access and the UI will show the recent messages as A, B.

If I am accessing the UI on machineA, then trying to access the content of message B will fail since it is not actually stored on Machine A.

There'd have to be more than few simple changes to make that happen I believe, but I'd be happy to be proven wrong.
TheGr8Wonder
Posts: 97
Joined: 01 Jul 2017 02:32

Re: A fallback mailserver image

Post by TheGr8Wonder »

The message gets stored in the DB to what server it arrived and is processed/stored. This is to avoid the issue you're describing within MailWatch.

As long as the XML-RPC is configured properly in the .conf for MailWatch, and the 2 machines can converse via a back-end link (either private or public), I can be on server A's GUI, and view messages that were processed on server B, and vice versa. You'll just click the message and if you don't pay attention to the headers, you won't know the difference.

Same type that v4 will be based on.
User avatar
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: A fallback mailserver image

Post by pdwalker »

Oh cool, so that is a fair number of changes then. Nice.
Woger
Posts: 67
Joined: 15 Mar 2017 10:54

Re: A fallback mailserver image

Post by Woger »

Gr8wonder,
Sounds doable. My second server will be on another network. But you say, this is covered by EFA4? As you can see by my slow responses, I don't have much time at the moment, so just wait for EFA4 is the best solution now. Great work (again) by the developers :clap:
Post Reply