Debian, Dovecot

Mail Cluster With Qmail and Dovecot Proxy

This New year started with a new requirement, one of our client wanted a Mail cluster with 3 nodes, one node in US, a VPS, and the rest two in INDIA. Their primary server is one of the server in india. They have 3 category of USERS, all abroad user’s Mailboxes will be hosted in the VPS. For the rest, one set will be in one server and the rest in other. They want all the users to access directly the primary server not their respective server’s. I guess their Admins dont want to work much. Anyways, We decided to go ahead with it.

Since we are Qmail lover’s, we decided to ue the Qmail clustering by using DJB’s qmqpd protocol. In the LDAP, each user will have an attribute called ”mailHost”, whose value will be the FQDN of the server where their mailboxes are hosted. so the qmqpd will use this, mailHost attribute and transfers the mails between nodes to user’s corresponding mailboxes. We use’s Qmail with LDAP patch. In all the 3 nodes, LDAP will be synchronising all the time.Once we have the normal qmail setup running, in order to make cluster we need mainly 3 things.

1) We need to setup the qmqpd service in all the nodes.

2) We need to enable LDAP cluster. This can be done by creating a file ldapcluster in ”/var/qmail/control” folder. If the content of the file is ”1”, then it means cluster is active, ”0” cluster is deactive.

3) We need a dns server that can resolve all the 3 mailhost’s FQDN’s. We usually run DJB’s Tinydns in all our Mail server’s.

Once all the above 3 steps are done, we have a working Qmail Cluster. Mails will be delivered to each user according to the mailHost attribute mentioned in the LDAP.

Next Major thing is IMAP/POP3 services. Since all user’s will be be using the primary server as their incoming server in their MUA like outook,thunderbird, and even webmail user’s will also access the primary server, we decided to use the Dovecot’s Proxy feature, which can proxy the request’s based on the ”mailHost” attribute. When ever a user’s login request comes, Dovecot will check for the user’s ”mailHost” attribute from the LDAP. The dovecot will then proxy pass the request to the corresponding server.

Enabling Proxy in Dovecot is very simple. We need to add the host as well as the proxy variable in the dovecot-ldap userdb and passdb config file. Below is the content of our dovecot-ldap.conf.

hosts = localhost
dn =  uid=dummyuser,ou=People,dc=example,dc=com
dnpass = dummy_password
sasl_bind = no
auth_bind = yes
ldap_version = 3
base = dc=example,dc=com
auth_bind = yes
pass_attrs = uid=user,`mailHost`=host,qmailUID=proxy_maybe
pass_filter = (&(objectClass=posixAccount)(uid=%u))
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid,mailQuotaSize=quota=dirsize:storage,`mailHost`=host,qmailUID=proxy_maybe

This proxy is working perfectly in dovecot2.0 onwards. But in dovecot1.2, the proxy fails, when the mailHost attributes has a FQDN value. But if we mention ip instead of the FQDN, proxy seems to we working. But some times qmqpd will not work properly. That is because the dovecot is expecting values as ip, but we are supplying a FQDN. But in dovecot2.0 onwards, they have added a dnslookup function. But there is patch. We haven’t tested this patch, as we are using dovecot2.0


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s