New Recruit -> First Mail toaster

[Drop]

Hey guys,

After doing some research, the mail toaster looks to be the best all-round solution for email out there so I am going to take the plunge. Most notably impressive is the fact that it incorporates stuff we have already been using to maintain a secure and stable mail system for the past number of years.

So, of course I have a few questions to migrate from my cobbled hacks to mail toaster. Previously, we were running on fbsd 5.1, 2 p2 400s with 512mbs ram, mirrored 60gb drives (I know, but they are rock solid) with all services running in seperate jails. The two boxes failed over onto each other using 'poor man's' failover and it worked quite handily. If mail entered either of the qmail jails on each system, a copy would be sent to the other system to maintain syncing. Worked fine for 2 years and a bit so far with no maintenance required other than stupid programs still trying to use sendmail to send daily reports.

Moving to 2 dual p3 800s with 1gb ram each and mirrored 60s again: My plan is to install on a fbsd 6.0 release (p4) fresh, then setup a jail, install perl and run mail toaster with nothing else. My concerns/questions are the following:

1. Will the default mail toaster install run happily from a fresh fat jail? Is there anything special I need to do?

2. Performance wise are there any recommended tweaks for kernel/sysctl optimization? I have a field day messing with these for firewall builds (pretty much broken every rfc rule, but hey it works securely and fast) and have found quite a performance improvement so I would like some experienced recommendations from the community.

3. Is failover between 2 toasters possible? i.e. Like in our previous incarnation we had both boxes forward a copy to one another to maintain syncing. Does mail toaster have that option or does it have to be manually configured?

That should be about it. I plan on getting them up and going this week. Migration isn't an issue as we only have 15 users

thanks in advance,

Phil

[matt]

Drop wrote on Mon, 20 February 2006 14:25

Hey guys, After doing some research, the mail toaster looks to be the best all-round solution for email out there so I am going to take the plunge. Most notably impressive is the fact that it incorporates stuff we have already been using to maintain a secure and stable mail system for the past number of years. So, of course I have a few questions to migrate from my cobbled hacks to mail toaster. Previously, we were running on fbsd 5.1, 2 p2 400s with 512mbs ram, mirrored 60gb drives (I know, but they are rock solid) with all services running in seperate jails. The two boxes failed over onto each other using 'poor man's' failover and it worked quite handily. If mail entered either of the qmail jails on each system, a copy would be sent to the other system to maintain syncing. Worked fine for 2 years and a bit so far with no maintenance required other than stupid programs still trying to use sendmail to send daily reports. Moving to 2 dual p3 800s with 1gb ram each and mirrored 60s again: My plan is to install on a fbsd 6.0 release (p4) fresh, then setup a jail, install perl and run mail toaster with nothing else. My concerns/questions are the following: 1. Will the default mail toaster install run happily from a fresh fat jail? Is there anything special I need to do?

Yes. In fact, I do all the build testing in a jail. The only thing that won't work is SNMP and thus RRDutil.

Quote:

2. Performance wise are there any recommended tweaks for kernel/sysctl optimization? I have a field day messing with these for firewall builds (pretty much broken every rfc rule, but hey it works securely and fast) and have found quite a performance improvement so I would like some experienced recommendations from the community.

Nope, FreeBSD arrives just fine out of the box.

Quote:

3. Is failover between 2 toasters possible? i.e. Like in our previous incarnation we had both boxes forward a copy to one another to maintain syncing. Does mail toaster have that option or does it have to be manually configured?

The only failover in popular use is having a shared storage via NFS/NAS or SAN with multiple systems connecting to the same share point.

[Drop]

Yip, I got pretty far and discovered on my own the rrdutil doesn't work , but hey everything else did.

BTW, it is pokey with fbsd 6.0 - infact I backed off to 5.4 as I have been finding problems with 6 on other machines. SMP isn't stable with either scheduler for some odd strange reason.

As for failover, I found another dirty way but it works. Set up identical machine, when adding the virtual domains do it on both boxes and set up an auto forward to the other mail server internal address to the user account - not the alias. Works like a charm.

Overall good package - in fact you had 2 updates (I started on 4.08) during my fun playing with it.

thanks,

Drop

[Drop]

Bleh, haven't been back in a while; but that usually means good things.

Ok, ran into a bit of a snag. We had a power outage and one of the machines mail jail trashed. MySQL looks to be the culprit.

Not going to bother trying to fix it as I see that toaster is now up to version 5.x so I am going to install form scratch. My old configuration with the two boxes in failover worked just fine, but I don't like the fact that MySQL is very sensitive to drive failures. As Matt suggested earlier, NFS is really the only true option....

So, would anyone care to do up a quick blurb on how one would go about using a NFS mount that was mounted from multiple machines in read/write if they have had experience doing so? I was thinking aobut just putting the jail on the mount but I think that there would be some problems process wise. Ultimately this would be pretty cool from a scalability/ha/load balancing perspective and might be better in the requests section.

Thanks in advance.