On 24 Mar 2021, at 6:16, Patrick Chemla wrote:
Hi,
Apparently, searching Google, I still can't find a good solution to
build a fault tolerant emails platform.
That is because such systems are typically 'bespoke,' designed to fit
specific circumstances and it isn't in the interest of people designing
and deploying them to generalize and publish their efforts. You may be
able to find descriptions of such systems in archives of USENIX/LISA
presentations and there have been many discussions of the topic on this
list in the past decade, but you won't find a turnkey solution.
Fault tolerance in the scope of Postfix (SMTP transport, initial
submission, and local delivery) is achieved temporally rather than via
complete redundancy. Communication failure during SMTP or submission
transactions result in deferred delivery rather than hard failure, with
duplicate delivery being the worst case scenario. Spreading risk and
speeding fault recovery is done most resiliently by DNS load-balancing
at the IP address layer: one MX record, multiple A/AAAA records.
Is there any good solution to synchronize 2 emails servers, including
incoming mails,
Not within the scope of Postfix. Once mail has been delivered (i.e. no
longer Postfix's responsibility) there are good solutions for redundancy
in mailstore management and IMAP service (e.g. Dovecot, Cyrus, etc.) The
Postfix queue subsystem isn't designed to be accessed by multiple
instances simultaneously, so using shared/replicated filesystems for the
queues is just creating new and complex modes of queue failure. The best
strategy for recovering from a failure that leaves mail in the Postfix
queue is a high-availability POSIX-compliant filesystem that can be
taken over by a standby Postfix instance when a failure occurs.
having users connected to any of the server?
Note that users typically connect to Postfix briefly and infrequently
when sending mail, and it is trivial to make multiple Postfix machines
functionally equivalent from the viewpoint of a SMTP or submission
client, via DNS. The same can be done for IMAP instances, if you use one
of the available solutions for HA/clustered IMAP.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
