MailScanner + Zimbra...anyone done it before?

James Gray james at gray.net.au
Sun Sep 9 01:05:45 IST 2007


Thanks for the suggestions folks.  The consensus seems to be "run a  
separate box" but the problem is we have a number of people who work  
remotely and that would introduce a whole raft of new custom-hacks to  
get authenticated SMTP relaying going for the remote users via the  
separate box (assuming it becomes the "Internet-facing" part of the  
SMTP chain).  Then the remote users would (probably) need a different  
mail config when the venture into the office.  The way things stand  
at the moment the roaming users can use EXACTLY the same mail setup  
externally as those in the office without the need for VPN,  making  
the transition seamless (management LOVE that crap...personally, I  
don't care).  So long story short - it's gotta run on a single box  
with Zimbra being the MTA.  Not a big deal, I've already set Zimbra  
up with a couple of RBL's and MTA-level anti-spam measures and it's  
doing fine.

As for the resources Zimbra chews up, yes, it is VERY hungry.   
However, its constituent components can be separated as the system  
grows.  The OpenLDAP, MySQL, Tomcat and Postfix/MTA components are  
completely separable thus spreading the love amongst different  
machines etc.  It's actually kinda neat :)  However, we are running  
everything on the one machine for the time being but it's a bit of a  
beast: dual Xeon's, 6GB ECC RAM, couple-of-hundred GB U320 SCSI RAID  
5, dual gigabit (bonded) Ethernet....and we only have 30  
mailboxes! :P  I think it will handle the 4-5 MailScanner children  
and Mailwatch running along side.

Worst case scenario: I mount/export the Postfix spools via NFS and do  
the opposite on a "filter" box running MS+MW.  That introduces a new  
set of "what if's" the first that springs to mind is file locking.   
So Postfix guru's: can you think of anything that would barf on  
either the MailScanner or Postfix sides by using NFS for the mail  
spool?  What would be better: mounting the spools on a MailScanner  
box (exporting from the Postfix box), or the other way around?  I'd  
be using a RAM disk for the MailScanner children's scratch space so I  
can't see performance being a show-stopper.

I'm trying to keep the Zimbra box as close to standard as possible,  
so hacking the bejeezus out of it is off the cards.  Minor changes to  
the operating system (CentOS) such as NFS frufru wouldn't be a big  
problem as this is all handled through our configuration management  
system :)  Unfortunately, most of the config for Zimbra is stored in  
its LDAP directory making it very difficult to manage that with a  
file-based configuration management system.  See the problem? *sigh*  
Nothing is ever easy ;)

Thanks again folks!

James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2417 bytes
Desc: not available
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070909/d970ac06/smime.bin


More information about the MailScanner mailing list