As someone new to setting up an email server and actually in the process of researching it, I have actually found the thread, "sendmail vs. postfix" very interesting. The one thing that is not clear to me is the partition scheme that is best for an email server. I would like to here what people are using for their partition setup. Anyone care to share? D~
Daniel Wright wrote:> As someone new to setting up an email server and actually in the > process of researching it, I have actually found the thread, > "sendmail vs. postfix" very interesting. The one thing that is not > clear to me is the partition scheme that is best for an email server. > > I would like to here what people are using for their partition setup. > Anyone care to share?For email servers specifically, the only thing I have found necessary is to make absolutely sure to have a hard /etc and /var partitions set up. That way, if your machine is completely dead, you can always re-install over the root partition without losing your actual data. Saved my toosh once when my backups failed. J
Daniel Wright wrote:> As someone new to setting up an email server and actually in the process > of researching it, I have actually found the thread, "sendmail vs. > postfix" very interesting. The one thing that is not clear to me is the > partition scheme that is best for an email server. > > I would like to here what people are using for their partition setup. > Anyone care to share?/boot - 100 MB swap - double the RAM up to 1GB / - ..and the rest.. I know this is probably bad practice but I like to keep things as simple as possible. Is there a good reason for a ton of different partitions? --Ajay
>as possible. Is there a good reason for a ton of different partitions? > >Just - can''t - resist... One of the main things that can take down a mail server is log file growth. You should consider at a minimum put them into a seperate partition so that they can fill the partition without crashing the machine. Jonathan
Jonathan wrote:> >> as possible. Is there a good reason for a ton of different partitions? >> > Just - can''t - resist...Please no one resist. I''ve always read about people splitting everything up, but I don''t know all the reasons why...> One of the main things that can take down a mail server is log file > growth. You should consider at a minimum put them into a seperate > partition so that they can fill the partition without crashing the machine.That''s a good reason. Any others? --Ajay
I like to have my /var directory on a different partition, just in case log files start to get large. I would rather have my /var fill up, than have services stop working... -----Original Message----- From: centos-bounces@caosity.org [mailto:centos-bounces@caosity.org] On Behalf Of Ajay Sharma Sent: Tuesday, March 29, 2005 3:38 PM To: CentOS discussion and information list Subject: Re: [Centos] email server partition scheme Daniel Wright wrote:> As someone new to setting up an email server and actually in the > process of researching it, I have actually found the thread, "sendmail vs. > postfix" very interesting. The one thing that is not clear to me is > the partition scheme that is best for an email server. > > I would like to here what people are using for their partition setup. > Anyone care to share?/boot - 100 MB swap - double the RAM up to 1GB / - ..and the rest.. I know this is probably bad practice but I like to keep things as simple as possible. Is there a good reason for a ton of different partitions? --Ajay _______________________________________________ CentOS mailing list CentOS@caosity.org http://lists.caosity.org/mailman/listinfo/centos
Daniel Wright wrote:> As someone new to setting up an email server and actually in the process > of researching it, I have actually found the thread, "sendmail vs. > postfix" very interesting. The one thing that is not clear to me is the > partition scheme that is best for an email server. > > I would like to here what people are using for their partition setup. > Anyone care to share?/ /boot /var /usr /tmp as tmpfs /var/tmp as tmpfs /home /tmp and /var/tmp will be kept on memory filesystems, you can limit the sizes (if you don''t, default is half of your RAM). Advantage is that when you reboot, they are gone. IMO, 64-128MB is more than enough for each of them. Solaris has /tmp on tmpfs for eons. Don''t know why it hasn''t become common practice in Linux world. You can mount /boot and /usr read-only. Don''t forget to remount read-write when you actually need to install/update software. You can also mount /boot, /var, /tmp, /var/tmp, and /home as nosuid and noexec, as needed. They shouldn''t contain executables anyhow. Especially no setuid executables. Do note that some of these do not play nicely with SELinux (yet). If you run Apache under SELinux, you can''t mount /var nosuid (or privilege transitioning will not work on that partition, which is logical when partition is mounted nosuid, therefore Apache will not work -- in that case remove nosuid flag). Also, if you want cgi-bin scripts in /var/www/cgi-bin, you can not mount /var as noexec. Also, PostgreSQL doesn''t like /tmp being on tmpfs when run under SELinux (bug in targeted policy, but there are many other targeted policy bugs related to use of /tmp even if it is on regular disk-based file system, so don''t worry about it). -- Aleksandar Milivojevic <amilivojevic@pbl.ca> Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
I used to keep /var/spool/mail on a separate partition, so if necessary I could swap the drive out to (or replace it from) another box and be up and running quickly. This was before I started using imap, however. The default settings place imap folders in /home/~ which makes swapping drives a little more complicated. I''ve considered a few different options, while trying not to increase the number of partitions by too much, including putting home dirs in /var so that I can swap the /var partition easily, but this has its drawbacks as well. I''d be interested in what other people are doing as far as partitioning schemes for MTA + IMAP servers. Brendan Ajay Sharma wrote:> Jonathan wrote: > >>>as possible. Is there a good reason for a ton of different partitions? >>> >> >>Just - can''t - resist... > > > Please no one resist. I''ve always read about people splitting > everything up, but I don''t know all the reasons why... > > >>One of the main things that can take down a mail server is log file >>growth. You should consider at a minimum put them into a seperate >>partition so that they can fill the partition without crashing the machine. > > > That''s a good reason. Any others? > > --Ajay > _______________________________________________ > CentOS mailing list > CentOS@caosity.org > http://lists.caosity.org/mailman/listinfo/centos
Daniel Wright wrote:> As someone new to setting up an email server and actually in the process > of researching it, I have actually found the thread, "sendmail vs. > postfix" very interesting. The one thing that is not clear to me is the > partition scheme that is best for an email server. > > I would like to here what people are using for their partition setup. > Anyone care to share?Depending on what kind of email server you''re setting up (UW-imap vs. cyrus, mbox vs. maildir, etc) and the number of clients you expect to have on it, there are a few different answers. For smaller setups with either type of imap/pop3 config, having a seperate /var/spool/mail partition is almost always a good idea. As you get into bigger and bigger setups though, especially if you''re using a mbox type imapd like uw-imap, you''ll want to start thinking about putting /var/spool/mail on a seperate disk all together, or on a fast raid array if you really have the means. The #1 problem I see with people using uw-imap is they become I/O bound very quickly since uw-imap stores it''s inbox in on large mbox file in /var/spool/mail and has to open the whole thing up every time it reads/writes to it. Again, not a huge deal if you''ve got 10 people with 20-50Mb inboxes, but it turns into a problem fast if you''ve got a few hundred people accessing their inboxes of 50-100Mb. :) If you''re running a maildir type imapd like cyrus, I''d recommened putting /home/ on a seperate partition as well, and if you have enough users, a seperate disk/raid array if you can. Personally, I''m not a huge fan of carving up a disk into more than 3 or 4 partitions. If the primary reason is to cover huge log files, as some have mentioned, it might be a good idea to take a closer at look at your logrotate scripts to keep a partition from filling up. HTH Dan
>>>as possible. Is there a good reason for a ton of different partitions? >>> >> >>Just - can''t - resist... > > > Please no one resist. I''ve always read about people splitting > everything up, but I don''t know all the reasons why... > > >>One of the main things that can take down a mail server is log file >>growth. You should consider at a minimum put them into a seperate >>partition so that they can fill the partition without crashing the machine. > > > That''s a good reason. Any others? >A single irate / miss configured program can chew up all your inodes in a partition.
Aleksandar Milivojevic
2005-Mar-29 21:33 UTC
Spam: Re: [Centos] email server partition scheme
Brendan Pirie wrote:> I used to keep /var/spool/mail on a separate partition, so if necessary > I could swap the drive out to (or replace it from) another box and be up > and running quickly. This was before I started using imap, however. The > default settings place imap folders in /home/~ which makes swapping > drives a little more complicated. I''ve considered a few different > options, while trying not to increase the number of partitions by too > much, including putting home dirs in /var so that I can swap the /var > partition easily, but this has its drawbacks as well. I''d be interested > in what other people are doing as far as partitioning schemes for MTA + > IMAP servers.This is exactly the reason why I like Cyrus even for "small" installations. Mail store is completely independent of user''s home directories. Actually, your email system becomes user-proof, since user''s do not have direct file system access to anything IMAP server needs to touch. Plus Sieve (which is used instead of procmailrc/forward files) configuration is also inside /var, not directly accessible by the users. In your case, if you were to use Cyrus, you would simply put /var/spool/imap onto the separate partition, and off you go. You could even put /var/lib/imap that holds couple of databases used by Cyrus onto separate (smaller) partition on different disk from /var/spool/imap for better performance. If you feel like it. -- Aleksandar Milivojevic <amilivojevic@pbl.ca> Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
On Tue, 29 Mar 2005 14:58:28 -0600, Aleksandar Milivojevic <amilivojevic@pbl.ca> wrote:> > You can also mount /boot, /var, /tmp, /var/tmp, and /home as nosuid and > noexec, as needed. They shouldn''t contain executables anyhow. > Especially no setuid executables.You''re aware of this, I assume: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126259 By default, logrotate needs to exec scripts in /tmp so setting it noexec requires you to also change the place logrotate is using to place it''s script. Greg
> This is exactly the reason why I like Cyrus even for "small" > installations. Mail store is completely independent of user''s home > directories. Actually, your email system becomes user-proof, since > user''s do not have direct file system access to anything IMAP server > needs to touch. Plus Sieve (which is used instead of procmailrc/forward > files) configuration is also inside /var, not directly accessible by the > users. > > In your case, if you were to use Cyrus, you would simply put > /var/spool/imap onto the separate partition, and off you go. You could > even put /var/lib/imap that holds couple of databases used by Cyrus onto > separate (smaller) partition on different disk from /var/spool/imap for > better performance. If you feel like it. >Thanks very much for this information. I/we currently use uw-imap, and I''ve been meaning to check out Cyrus anyway (not so much for anything lacking in uw, per se, but to explore and understand other (possibly better) options). email systems being user-proof isn''t such a big issue here, as no user has shell access, but from a security standpoint it still sounds like a better design, not to mention disk management. Brendan
Another thing to consider it throughput. High IO servers like postfix will benefit from splitting up the partitions on multiple drives. That way your IO can be split between drives, lowering IO on the individual drives. A postfix guru gave me a recommended layout once for a high usage postfix serve, but I don''t have it handy.. sorry. ----- Original Message ----- From: "Daniel Wright" <dw@wonderwave.net> To: "CentOS discussion and information list" <centos@caosity.org> Sent: Tuesday, March 29, 2005 2:24 PM Subject: [Centos] email server partition scheme> As someone new to setting up an email server and actually in theprocess> of researching it, I have actually found the thread, "sendmail vs. > postfix" very interesting. The one thing that is not clear to me isthe> partition scheme that is best for an email server. > > I would like to here what people are using for their partitionsetup.> Anyone care to share? > > > D~ > >