thr3ads.net - dovecot - Possible architecture ? [Sep 2018]

If this information is useful, please help other people find it:
Share via:

Alexandre Ellert

2018-Sep-18 20:55 UTC

Possible architecture ?

Hi,

I'd like to achieve the following setup whit dovecot using multiple servers
:
- one server dedicated to all client IMAP (TLS) connections (i
<http://mail.numeezy.com>map.mymaindomain.com, see below )
- each backend server has it's own local storage. no replication
- each backend server responsible of a few domains
- each backend server has it's own Mysql local database for user's
passwords.

                                                       ===> Server 1 :
domains A, B and C

====> i <http://mail.numeezy.com>map.mymaindomain.com  ===> Server 2
:
domains D, E and F
             (143 TLS / 993 SSL)
                                                        ===> Server 3 :
domains G, H

For example, if a user connects from domain E to i
<http://mail.numeezy.com>
map.mymaindomain.com, will Dovecot be able to use password database hosted
on Server 2 ?

Thank you !

Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20180918/f5404a4b/attachment.html>

Alexandre Ellert

2018-Oct-03 13:42 UTC

head link

Possible architecture ?

Hi,

I've got no answer.. Can someone please help ?

Thank you.

Alex

Le mar. 18 sept. 2018 ? 22:55, Alexandre Ellert <ellertalexandre at
gmail.com>
a ?crit :
> Hi,
>
> I'd like to achieve the following setup whit dovecot using multiple
> servers :
> - one server dedicated to all client IMAP (TLS) connections (i
> <http://mail.numeezy.com>map.mymaindomain.com, see below )
> - each backend server has it's own local storage. no replication
> - each backend server responsible of a few domains
> - each backend server has it's own Mysql local database for user's
> passwords.
>
>                                                        ===> Server 1 :
> domains A, B and C
>
> ====> i <http://mail.numeezy.com>map.mymaindomain.com  ===>
Server 2 :
> domains D, E and F
>              (143 TLS / 993 SSL)
>                                                         ===> Server 3 :
> domains G, H
>
> For example, if a user connects from domain E to i
> <http://mail.numeezy.com>map.mymaindomain.com, will Dovecot be able
to
> use password database hosted on Server 2 ?
>
> Thank you !
>
> Alex
>-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20181003/ca457f08/attachment.html>

João Paulo Sacchetto Ribeiro Bastos

2018-Oct-03 14:41 UTC

head link

Possible architecture ?

Hey Alexandre,

You can achieve your idea setting a MySQL instance, for example, in each
one of your servers and also a Dovecot instance in each of them. Then you
can set your `imap.mymaindomain.com` server to be a imap-frontend that
performs a pre-auth step in the correct MySQL and then forwards the request
to the right Dovecot instance that performs the auth again.

Something like this:
- Request arrives in `imap.mymaindomain.com`
- Check if you host the informed domain
- Check then user domain, for example foo at A.com
- Validate user credentials in MySQL.A
- Forward the request to Dovecot.A

Regards,

Jo?o Paulo Bastos
DevOps Engineer at MAV Tecnologia
Belo Horizonte - Brazil
+55 31 99279-7092
@joaopaulosr at OFTC/Freenode


On Wed, Oct 3, 2018 at 10:42 AM Alexandre Ellert <ellertalexandre at
gmail.com>
wrote:
> Hi,
>
> I've got no answer.. Can someone please help ?
>
> Thank you.
>
> Alex
>
> Le mar. 18 sept. 2018 ? 22:55, Alexandre Ellert <ellertalexandre at
gmail.com>
> a ?crit :
>
>> Hi,
>>
>> I'd like to achieve the following setup whit dovecot using multiple
>> servers :
>> - one server dedicated to all client IMAP (TLS) connections (i
>> <http://mail.numeezy.com>map.mymaindomain.com, see below )
>> - each backend server has it's own local storage. no replication
>> - each backend server responsible of a few domains
>> - each backend server has it's own Mysql local database for
user's
>> passwords.
>>
>>                                                        ===> Server 1
:
>> domains A, B and C
>>
>> ====> i <http://mail.numeezy.com>map.mymaindomain.com  ===>
Server 2 :
>> domains D, E and F
>>              (143 TLS / 993 SSL)
>>                                                         ===> Server
3 :
>> domains G, H
>>
>> For example, if a user connects from domain E to i
>> <http://mail.numeezy.com>map.mymaindomain.com, will Dovecot be
able to
>> use password database hosted on Server 2 ?
>>
>> Thank you !
>>
>> Alex
>>
>-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20181003/58b1fff7/attachment.html>

Urban Loesch

2018-Oct-03 15:15 UTC

head link

Possible architecture ?

Hi,

we have running a similar setup for some years now (IMAP + POP3).

- frontend imap+pop3 proxy (imap.mydomain.com)
- multiple backend servers
- each backend is responsible for a few domains (ex. domains beginning with a-f,
g-l, and so on)

Database setup:
- 3 MySql Servers in a Master/Slave configuration:
	- 1 Master, where user, password and proxy information are stored.
	- 2 Slaves, each dovecot backend and the frontend proxy is configured to read
the user configuration from the same database.
	- the 2 slaves helps us to keep away the mysql select queries from our master
server. But depending on your workload, perhaps one central mysql
server without slaves is enough.


For proxying requests to the correct backend server see:
https://wiki.dovecot.org/PasswordDatabase/ExtraFields/Proxy

In our setup the frontend proxy does only check if the user exists. If yes, the
request will be forwarded to the correct backend and "real"
authentication will be performed there.

Best
Urban Loesch


Am 03.10.2018 um 15:42 schrieb Alexandre Ellert:> Hi,
> 
> I've got no answer.. Can someone please help ?
> 
> Thank you.
> 
> Alex
> 
> Le?mar. 18 sept. 2018 ??22:55, Alexandre Ellert <ellertalexandre at
gmail.com <mailto:ellertalexandre at gmail.com>> a ?crit?:
> 
>     Hi,
> 
>     I'd like to achieve the following setup whit dovecot using multiple
servers :
>     - one server dedicated to all client IMAP (TLS) connections (i
<http://mail.numeezy.com>map.mymaindomain.com
<http://map.mymaindomain.com>, see
>     below?)
>     - each backend server has it's own local storage.?no replication
>     - each backend server?responsible of a few domains
>     - each?backend server has it's own Mysql local database for
user's passwords.
> 
>      ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?===> Server
1 : domains A, B and C
> 
>     ====> i <http://mail.numeezy.com>map.mymaindomain.com
<http://map.mymaindomain.com>??===> Server 2 : domains D, E and F
>      ? ? ? ? ? ? ?(143 TLS / 993 SSL)
>      ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ??===> Server
3 : domains G, H
> 
>     For example, if a user connects from domain E to i
<http://mail.numeezy.com>map.mymaindomain.com
<http://map.mymaindomain.com>, will Dovecot be
>     able to use password database hosted on Server 2 ?
> 
>     Thank you !
> 
>     Alex
>

Maybe Matching Threads

Search for more seemingly similar threads

dovecot - Sep 2018 - Possible architecture ?

Possible architecture ?

Possible architecture ?

Possible architecture ?

Possible architecture ?

Maybe Matching Threads