Currently, we have two mail relays for inbound messages, and a third for POP.

The inbound messages go thru all the CPU-intensive anti-spam stuff, and then they relay it to the POP server for pickup.

Currently, one of these is the "primary", and the other is "secondary", and I'd like them to be considered more or less as equals, since the "primary" system is getting beaten pretty hard.

The DNS zone file says something like this:

###############################
@isp.com
<SNIP>
    IN MX 100 mx1.isp.com.
    IN MX 1100 mx2.isp.com.
<SNIP>
################################

I seem to recall that I make them act as "equals" by simply changing this to

###############################
@isp.com
<SNIP>
    IN MX 100 mx1.isp.com.
    IN MX 100 mx2.isp.com.
<SNIP>
################################

so that they both get about the same amount of inbound messages. Has anybody here actually done this? How well does this work as far as failover if either system fails?

-Ben
--
"The best way to predict the future is to invent it."
- XEROX PARC slogan, circa 1978
Benjamin Smith wrote:
> Currently, we have two mail relays for inbound messages, and a third for POP.
>
> The inbound messages go thru all the CPU-intensive anti-spam stuff, and then
> they relay it to the POP server for pickup.
>
> Currently, one of these is the "primary", and the other is "secondary", and
> I'd like them to be considered more or less as equals, since the "primary"
> system is getting beaten pretty hard.
>
> The DNS zone file says something like this:
>
> ###############################
> @isp.com
> <SNIP>
>     IN MX 100 mx1.isp.com.
>     IN MX 1100 mx2.isp.com.
> <SNIP>
> ################################
>
> I seem to recall that I make them act as "equals" by simply changing this to
>
> ###############################
> @isp.com
> <SNIP>
>     IN MX 100 mx1.isp.com.
>     IN MX 100 mx2.isp.com.
> <SNIP>
> ################################
>
> so that they both get about the same amount of inbound messages. Has anybody
> here actually done this? How well does this work as far as failover if either
> system fails?
>
> -Ben

I actually recommend using a Cyrus system. We are able to handle about 20,000 accounts with the following servers:

3 front ends (Horde, IMAP, SpamAssassin, SMTP, etc., load-balanced at the firewall)
2 storage servers (actually store the e-mails)
1 MySQL server (used for Horde)
1 list server (for Mailman)

This can easily be added to. We use it a lot so that we can remove a system from the load balance and upgrade one server at a time. We can eventually take all but one out and have them upgraded and then swap the last one with all of the new servers. It appears to be seamless to the users and sure helps with being able to do maintenance at any time of day, and you don't have to have overly powerful servers to get it working well.
--
Nathaniel Hall, GSEC
Using multiple A records is good for performance balancing, but what if one of the systems fails? Using your configuration, the delivering mail server has an "A" record and a single MX, so it wouldn't try the other mail server in the case of a failure, right? Whereas, by listing multiple IPs and mx1/mx2, wouldn't the delivering mail server try the other address?

Thanks,

-Ben

On Tuesday 25 October 2005 16:02, you wrote:
> I once did this and it worked great:
>
>     IN MX 10 mx.example.com.
>
> mx  IN A 192.168.1.1
>     IN A 192.168.1.2
>
> ...etc. Perfect DNS load balancing.
>
> Jack
>
> Benjamin Smith wrote:
> > Currently, we have two mail relays for inbound messages, and a third for POP.
> >
> > The inbound messages go thru all the CPU-intensive anti-spam stuff, and then
> > they relay it to the POP server for pickup.
> >
> > Currently, one of these is the "primary", and the other is "secondary", and
> > I'd like them to be considered more or less as equals, since the "primary"
> > system is getting beaten pretty hard.
> >
> > The DNS zone file says something like this:
> >
> > ###############################
> > @isp.com
> > <SNIP>
> >     IN MX 100 mx1.isp.com.
> >     IN MX 1100 mx2.isp.com.
> > <SNIP>
> > ################################
> >
> > I seem to recall that I make them act as "equals" by simply changing this to
> >
> > ###############################
> > @isp.com
> > <SNIP>
> >     IN MX 100 mx1.isp.com.
> >     IN MX 100 mx2.isp.com.
> > <SNIP>
> > ################################
> >
> > so that they both get about the same amount of inbound messages. Has anybody
> > here actually done this? How well does this work as far as failover if either
> > system fails?
> >
> > -Ben
> > --
> > "The best way to predict the future is to invent it."
> > - XEROX PARC slogan, circa 1978
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos

--
"The best way to predict the future is to invent it."
- XEROX PARC slogan, circa 1978
Just wondering - have you tried greylisting? Why or why not?

-Ben

On Tuesday 25 October 2005 15:42, replies-lists-centos at listmail.innovate.net wrote:
> you are correct. setting the ordinals to be the same (whatever value you
> select) will cause the entries for the two machines to rotate. failover
> works mostly (it depends on how the first machine fails and related
> timeout issues).
>
> i would actually suggest a somewhat different setup.
>
> the problem with multiple external mail hosts is that the more you have
> the more spammers have to hit. [they don't care about mx record
> ordinals, etc.] with your spam stuff on these front-end machines (if i
> understand your configuration correctly), the spammers are just eating
> up your resources.
>
> so, instead, set up one or more (depending on load/needs) front-end
> machines. use DNSBL in sendmail/postfix (whichever you feel more
> comfortable configuring) to cut down on the junk. [when i last checked,
> dnsbl blocking dynamic IPs (dialup/cable modems) cut the basic trash
> down by 60-70%.]
>
> then, put your anti-spam stuff on one (or more if necessary) back-end
> machines that only accept mail from the front-end machines. that way
> your anti-spam stuff is only going to see mail that's gone through the
> dnsbl and won't be taking up resources of the basic mail handling on the
> front-end machine(s).
>
> after the anti-spam machine(s), pass the mail on to your pop/imap server.
>
> i suspect that with this setup you could have one front-end machine,
> load-balance (with two A-records for the same name but different
> ip numbers (aka DNS shuffle-A)) for two anti-spam machines and you'll be
> ok.
>
> if you want a second front-end machine, for fail-over, you have to
> realize that it will get just about as much spam as the first machine,
> regardless of your mx-record settings. it's good to have it, just
> realize you're providing a second door that the spammers will *always* try.
>
> in short, put the resource intensive anti-spam stuff back a level from
> the external SMTP server(s). that will let the SMTP servers do their job
> without getting high load from the anti-spam stuff.
>
> - Rick
>
> ------------ Original Message ------------
> > Date: Tuesday, October 25, 2005 03:03:55 PM -0700
> > From: Benjamin Smith <lists at benjamindsmith.com>
> > To: centos at centos.org
> > Subject: [CentOS] Load balancing email?
> >
> > Currently, we have two mail relays for inbound messages, and a third
> > for POP.
> >
> > The inbound messages go thru all the CPU-intensive anti-spam stuff,
> > and then they relay it to the POP server for pickup.
> >
> > Currently, one of these is the "primary", and the other is
> > "secondary", and I'd like them to be considered more or less as
> > equals, since the "primary" system is getting beaten pretty hard.
> >
> > The DNS zone file says something like this:
> >
> > ###############################
> > @isp.com
> > <SNIP>
> >     IN MX 100 mx1.isp.com.
> >     IN MX 1100 mx2.isp.com.
> > <SNIP>
> > ################################
> >
> > I seem to recall that I make them act as "equals" by simply changing
> > this to
> >
> > ###############################
> > @isp.com
> > <SNIP>
> >     IN MX 100 mx1.isp.com.
> >     IN MX 100 mx2.isp.com.
> > <SNIP>
> > ################################
> >
> > so that they both get about the same amount of inbound messages. Has
> > anybody here actually done this? How well does this work as far as
> > failover if either system fails?
> >
> > -Ben
> > --
> > "The best way to predict the future is to invent it."
> > - XEROX PARC slogan, circa 1978
> ---------- End Original Message ----------

--
"The best way to predict the future is to invent it."
- XEROX PARC slogan, circa 1978
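The front-end/back-end split Rick describes hinges on one cheap check at the edge: reverse the connecting client's IPv4 octets, append the blocklist zone, and treat an A answer in 127.0.0.0/8 as a listing. The following is an added example, not code from the thread or from sendmail/Postfix, that shows that lookup and the edge decision it drives. The zone name is a placeholder, the resolver is injected so it runs offline against a constructed answer table, and the health check uses the standard 127.0.0.1 / 127.0.0.2 test points so a dead or wildcarded list is detected before it starts blocking everything.

```python
"""Added example (not from the CentOS thread): the DNSBL check a front-end MTA makes.

Demonstrates the mechanism behind the suggested design: reject listed
clients at SMTP time so the CPU-heavy back-end anti-spam boxes only ever
see traffic that passed the cheap DNSBL test. The resolver is a constructed
stand-in; the zone name is a placeholder, not a real blocklist.
"""
import ipaddress
from typing import Callable, Dict, List

DNSBL_ZONE = "dnsbl.example.invalid"  # placeholder zone name (constructed)
LISTED_RANGE = ipaddress.IPv4Network("127.0.0.0/8")  # DNSBLs answer inside this range

# Constructed answers standing in for what a real resolver would return.
FAKE_ANSWERS: Dict[str, List[str]] = {
    "8.113.0.203.dnsbl.example.invalid": ["127.0.0.2"],  # 203.0.113.8 is listed
    "2.0.0.127.dnsbl.example.invalid": ["127.0.0.2"],    # RFC 5782 test point: must be listed
    # 127.0.0.1 deliberately absent: RFC 5782 says it must NOT be listed
}


def fake_resolve(name: str) -> List[str]:
    """Offline resolver: returns A records for a name, [] for NXDOMAIN."""
    return FAKE_ANSWERS.get(name, [])


def dnsbl_query_name(client_ip: str, zone: str = DNSBL_ZONE) -> str:
    """Build the query name: client octets reversed, then the zone (IPv4 only)."""
    addr = ipaddress.IPv4Address(client_ip)  # raises ValueError on malformed input
    reversed_octets = ".".join(reversed(str(addr).split(".")))
    return f"{reversed_octets}.{zone}"


def is_listed(client_ip: str, resolve: Callable[[str], List[str]], zone: str = DNSBL_ZONE) -> bool:
    """A listing is any A answer inside 127.0.0.0/8; no answer means not listed."""
    answers = resolve(dnsbl_query_name(client_ip, zone))
    return any(ipaddress.IPv4Address(a) in LISTED_RANGE for a in answers)


def list_is_healthy(resolve: Callable[[str], List[str]], zone: str = DNSBL_ZONE) -> bool:
    """Sanity check before trusting a list: 127.0.0.2 must be listed and
    127.0.0.1 must not be. A list that fails this is dead or wildcarded and
    would either block nothing or block everyone."""
    return is_listed("127.0.0.2", resolve, zone) and not is_listed("127.0.0.1", resolve, zone)


def front_end_decision(client_ip: str, resolve: Callable[[str], List[str]], zone: str = DNSBL_ZONE) -> str:
    """Edge policy from the thread: 5xx-reject listed clients during the SMTP
    session so the back-end never spends anti-spam CPU on them; pass the
    rest on to the back-end machines."""
    if not list_is_healthy(resolve, zone):
        return "relay to back-end"  # fail open: never let a broken list reject real mail
    if is_listed(client_ip, resolve, zone):
        return f"554 5.7.1 Service unavailable; client host blocked using {zone}"
    return "relay to back-end"


if __name__ == "__main__":
    for ip in ("203.0.113.8", "198.51.100.7"):
        print(ip, "->", front_end_decision(ip, fake_resolve))
```

The fail-open choice in `front_end_decision` is deliberate: a blocklist that answers for every name (which has happened when lists are retired) would otherwise turn the edge MTA into a reject-all machine.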
Benjamin Smith wrote:
> Currently, we have two mail relays for inbound messages, and a third for POP.
>
> The inbound messages go thru all the CPU-intensive anti-spam stuff, and then
> they relay it to the POP server for pickup.
>
> Currently, one of these is the "primary", and the other is "secondary", and
> I'd like them to be considered more or less as equals, since the "primary"
> system is getting beaten pretty hard.
<snip>
> so that they both get about the same amount of inbound messages. Has anybody
> here actually done this? How well does this work as far as failover if either
> system fails?
>
> -Ben

I'm using a similar setup at work: two identical Linux boxes (with a pair of equal-priority MX records pointing to them) running Postfix/Amavisd/SpamAssassin/anti-virus, feeding to another box acting as the POP/IMAP server. The DNS round-robin stuff does a fair job of load balancing but it's not perfect; I'm still looking into alternatives for that.

In order to make the two servers redundant I'm using the LinuxHA heartbeat stuff to make one of the servers take over the IP address used by the other server for mail. So far it's survived several single-server failures without a hiccup.

Just my $.02
--
Jay Leafey - Memphis, TN
jay.leafey at mindless.com
On Tue, 2005-10-25 at 17:03, Benjamin Smith wrote:
> Currently, we have two mail relays for inbound messages, and a third for POP.
>
> The inbound messages go thru all the CPU-intensive anti-spam stuff, and then
> they relay it to the POP server for pickup.
>
> Currently, one of these is the "primary", and the other is "secondary", and
> I'd like them to be considered more or less as equals, since the "primary"
> system is getting beaten pretty hard.

You might be better off trying to make the reception more efficient. MimeDefang (http://www.mimedefang.org) does a good job, and techniques to improve efficiency are discussed on the mailing list. Does your 'outside' box have access to the user names, or does it blindly relay everything to the inside box?

--
Les Mikesell
lesmikesell at gmail.com
Quoting Benjamin Smith <lists at benjamindsmith.com>:
> I seem to recall that I make them act as "equals" by simply changing this to
>
> ###############################
> @isp.com
> <SNIP>
>     IN MX 100 mx1.isp.com.
>     IN MX 100 mx2.isp.com.
> <SNIP>
> ################################

Yup, that's the way to do it.

> so that they both get about the same amount of inbound messages. Has anybody
> here actually done this? How well does this work as far as failover if either
> system fails?

As long as your DNS server is serving them in round-robin fashion, they'll get about equal load. Depending on default TTL, it might take some time to really see load spread evenly (many remote systems probably have a cached copy of old information where mx1 was the preferred MX). So don't think it doesn't work if you don't see the same load on both servers the second you change your DNS settings. You might also consider lowering the TTL on your MX records; however, it is doubtful how helpful it is going to be.

If one system fails, everything should still work. Incoming connections hitting the failed server would time out, and the remote MTA would try the next MX from the list. So you are fine there.
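The reply above describes what a sending MTA does with the equal-preference records from Ben's zone file, and earlier in the thread Jack's single-MX/two-A-record variant raised the question of whether a sender tries the second address. The following is an added example, not code from the thread or from any MTA, that models that selection walk in Python: sort by preference, shuffle hosts that share a preference (RFC 2821/5321 section 5 requires this, which is where the load sharing comes from), expand each host to all of its A records, and fall through to the next candidate on a connection failure. The zone data and the `connect` callback are constructed stand-ins; nothing touches the network.

```python
"""Added example (not code from the CentOS thread): how a sending MTA walks an MX list.

Models the behaviour the thread is discussing: MX records are sorted by
preference, hosts that share a preference are tried in random order (so two
records at 100 split the load), each MX host is expanded to all of its A
records (Jack's single-MX / two-A-record setup), and a connection failure
moves on to the next candidate. Zone data and the "connection" are
constructed stand-ins; nothing touches the network.
"""
import random
from typing import Callable, Dict, List, Optional, Tuple

# Constructed zone data, loosely modelled on the isp.com snippet in the thread.
MX_RECORDS: List[Tuple[int, str]] = [
    (100, "mx1.isp.com."),
    (100, "mx2.isp.com."),      # same preference as mx1 -> shares the load
    (1100, "backup.isp.com."),  # only tried after every 100-preference host failed
]
A_RECORDS: Dict[str, List[str]] = {
    "mx1.isp.com.": ["192.0.2.10"],
    "mx2.isp.com.": ["192.0.2.11"],
    "backup.isp.com.": ["192.0.2.50", "192.0.2.51"],  # one name, two addresses
}


def ordered_candidates(mx_records, a_records, seed=None) -> List[Tuple[str, str]]:
    """Return the (host, ip) pairs a sender will try, in order.

    Lowest preference first; equal preferences shuffled; every host expanded
    to all of its addresses, which a conformant sender tries in turn before
    giving up on that host. `seed` only exists to make runs reproducible.
    """
    rng = random.Random(seed)
    by_pref: Dict[int, List[str]] = {}
    for pref, host in mx_records:
        by_pref.setdefault(pref, []).append(host)
    candidates: List[Tuple[str, str]] = []
    for pref in sorted(by_pref):
        hosts = list(by_pref[pref])
        rng.shuffle(hosts)
        for host in hosts:
            for ip in a_records.get(host, []):
                candidates.append((host, ip))
    return candidates


def deliver(mx_records, a_records, connect: Callable[[str], bool], seed=None) -> Optional[Tuple[str, str]]:
    """Walk the candidates until one accepts the connection.

    `connect(ip)` stands in for opening the SMTP session: True on success,
    False on a refused connection or timeout. Returns the (host, ip) that
    accepted, or None when every candidate failed (the sender then queues
    the message and retries later).
    """
    for host, ip in ordered_candidates(mx_records, a_records, seed):
        if connect(ip):
            return (host, ip)
    return None


def share_of_first_try(mx_records, a_records, trials=10000, seed=1) -> Dict[str, int]:
    """Count which host each of `trials` deliveries contacts first.

    With two equal-preference records this comes out close to 50/50, which is
    the load sharing the original question is about; the 1100 host never
    appears because a lower-preference host always exists.
    """
    rng = random.Random(seed)
    counts: Dict[str, int] = {}
    for _ in range(trials):
        host, _ip = ordered_candidates(mx_records, a_records, rng.getrandbits(32))[0]
        counts[host] = counts.get(host, 0) + 1
    return counts


if __name__ == "__main__":
    print(share_of_first_try(MX_RECORDS, A_RECORDS))
    down = {"192.0.2.10"}  # simulate mx1 being offline
    print(deliver(MX_RECORDS, A_RECORDS, lambda ip: ip not in down, seed=0))
```

Two points the thread raises fall out of the model: with mx1 down, half the senders still pick it first and only move on after their connect timeout, which is the "depends on how the first machine fails and related timeout issues" caveat; and a host with two A records is tried on both addresses before the sender gives up on it, so Jack's layout does survive a single box failing, at the cost of the same timeout on the dead address.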
On Tuesday 25 October 2005 17:09, Jay Leafey wrote:
> The DNS round-robin stuff does a fair job of load
> balancing but it's not perfect, I'm still looking into alternatives for
> that.

What do you mean by "not perfect" - it's bad enough that alternatives are needed?

-Ben
--
"The best way to predict the future is to invent it."
- XEROX PARC slogan, circa 1978
Jay Leafey wrote:
> I'm using a similar setup at work, two identical Linux boxes (with a
> pair of equal-priority MX records pointing to them) running
> Postfix/Amavisd/SpamAssassin/anti-virus feeding to another box acting as
> the POP/IMAP server. The DNS round-robin stuff does a fair job of load
> balancing but it's not perfect, I'm still looking into alternatives for
> that.
>
> In order to make the two servers redundant I'm using the LinuxHA
> heartbeat stuff to make one of the servers take over the IP address used
> by the other server for mail. So far it's survived several
> single-server failures without a hiccup.

How do you keep the storage synced up? NFS, DRBD, GFS, ...?

Thanks,
Ajay