Hello David,
----- Nachricht von David Pottage via dovecot <dovecot at dovecot.org>
---------
Datum: Thu, 21 Feb 2019 13:58:14 +0000
Von: David Pottage via dovecot <dovecot at dovecot.org>
Antwort an: David Pottage <david at chrestomanci.org>
Betreff: Re: Virus scan + removal on a mdbox mail storage
An: dovecot at dovecot.org
[...]>> NO! My mail storage is mdbox. And at the moment I have no intention to
>> convert it to Maildir!
> Could I ask why? maildir is a better storage format is almost every
respect.
well, I have a mailbox with about 50k emails ..., so one reason seems
to me better backup performance with mdbox, since there are much less
files to save.
Another reason - you can beat me for this - it's more freaky ;-) - no,
just kidding ...
There was some years ago an interesting lecture from Peer Heinlein
about the mdbox mail storage, I afterwards bought his "Dovecot Buch"
of OpenSource Press and sticked to mdbox.
But I'll test backup of my mail storage converted to Maildir (which
can easily be done thanks dsync)
- If there are no significant time difference, I might then change to Maildir.
[...]> The thing is that users will usually open emails shortly after they
> arrive. Most emails are not opened again later, especially the
> attachments.
you're right about this. And if a user has suspicions abaout a
possibly infected attachment, one can delete the whole email without
hassle.
[...]> For my day job I work for Sophos (A cyber security vendor), so all
> this is familiar to me. If you have the budget for a commercial
> product, then Sophos PureMessage does have postfix support.
> Technical details here:
>
>
https://docs.sophos.com/msg/pmx/help/en-us/msg/pmx/tasks/GSGConfigExtPostfixConfig.html
>
> Other AV vendors probably have similar support, but I don't know any
details.
>
> --
> David Pottage
I know about Sophos. Since my infrastructure is only for me and my
family, I'll use the SAV9-free package ... and will try to integrate
this with Postfix or AmaVisd.
----- Ende der Nachricht von David Pottage via dovecot
<dovecot at dovecot.org> -----
Christoph.
--
Christoph Haas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 3178 bytes
Desc: ?ffentlicher PGP-Schl?ssel
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20190221/27148c5a/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 821 bytes
Desc: Digitale PGP-Signatur
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20190221/27148c5a/attachment-0001.sig>
On 2019-02-21 22:14, Christoph Haas via dovecot wrote:>>> NO! My mail storage is mdbox. And at the moment I have no intention >>> to >>> convert it to Maildir! >> Could I ask why? maildir is a better storage format is almost every >> respect. > > well, I have a mailbox with about 50k emails ..., so one reason seems > to me better backup performance with mdbox, since there are much less > files to save.Assuming that you backup regularly then maildir is much better, because new emails show up as new files, while old ones are left unchanged. This means that an incremental backup only has to process new emails. With mailbox, the file for the entire folder changes every time a new email is delivered or the user edits any of them, so the whole mailbox needs to be backed up again, resulting in far more I/O and time. The main disadvantage that I have heard is that maildir consumes a lot of inodes, but you can fix that by formatting your filesystem with more to begin with. The ext4 default is 16k per inode, but it is easy to set a different value when you format, or use an FS that does not suffer from that limitation such as XFS, (I use btrfs so I can snapshot my maildir)> [...] >> For my day job I work for Sophos (A cyber security vendor), so all >> this is familiar to me. If you have the budget for a commercial >> product, then Sophos PureMessage does have postfix support. Technical >> details here: >> >> https://docs.sophos.com/msg/pmx/help/en-us/msg/pmx/tasks/GSGConfigExtPostfixConfig.html >> >> Other AV vendors probably have similar support, but I don't know any >> details. >> >> -- David Pottage > > I know about Sophos. Since my infrastructure is only for me and my > family, I'll use the SAV9-free package ... and will try to integrate > this with Postfix or AmaVisd.I am not certain, but I think the free versions of Sophos won't work as an email filter to avoid taking sales of the comercal product. I think you may have to stick with ClamAV, and just use Sophos on your endpoints. -- David Pottage
On 2019-02-22, David Pottage via dovecot <dovecot at dovecot.org> wrote:> On 2019-02-21 22:14, Christoph Haas via dovecot wrote: > >>>> NO! My mail storage is mdbox. And at the moment I have no intention >>>> to >>>> convert it to Maildir! >>> Could I ask why? maildir is a better storage format is almost every >>> respect. >> >> well, I have a mailbox with about 50k emails ..., so one reason seems >> to me better backup performance with mdbox, since there are much less >> files to save. > > Assuming that you backup regularly then maildir is much better, because > new emails show up as new files, while old ones are left unchanged. This > means that an incremental backup only has to process new emails. With > mailbox, the file for the entire folder changes every time a new email > is delivered or the user edits any of them, so the whole mailbox needs > to be backed up again, resulting in far more I/O and time.It sounds like perhaps you're confusing mdbox with mbox. mdbox uses multiple files but not a single file per message. It is fairly sane for backup handling - depending on how you set things up, you can have it rotate after a fixed size, fixed time, or combination. https://wiki2.dovecot.org/MailboxFormat/dbox