Hello,
I continue working on redesign separate isolate postfix instantes on new
highavailable architecture for inboud mail.
At the moment I have functional PoC (Proof of concept) with this components:
haproxy => postfix gateway => (SMTP/Relay) postfix (filtering) => (LMTP)
dovecot
The configurations was based on samples in book (The book of Postfix and
Postfix Definitive Guide) and knowledge of this list :D.
But what about deploying new filters, or managing a lot of
accounts/domains?.
When requires deploy new filter for example, I want to deploy only for
several domains or final dovecot instances and increase deployment step
by step to all platform in a controlled way.
In this kind of proposal, all postfix filtering layer can send to all
dovecots/domains instances. If I isolate or deploy one postfix isntance
for this purpose, requires reconfigure relays on gateway and lost all
the redundance during the process. ANother aproach should be rolling
update postfix instances and adding/removing from relays gateway, but
when this configurations manages a lot of domains and needs regenerate
relay maps with a thounsands of lines... I dont know is the best idea or
not... and this brings me to next topic.
Has sense try to implement high-available one entrypoint? (clusterized
or not). In terms of configurations for example, this implies create
large map files for "relay_domains", "relay_recipients_map" on gateways.
Maybe has sense split in several high-available clusters? Furthermore,
if I generate several clusters I need to add aditional logical related
with domain-cluster, increase management complexity and requires
generate several sets of MX, because HAproxy cant balance based on
recipients concepts.
Thinking in other large providers for example, they offers only a
reduced MX sets for all domains (gmail for example).
Maybe I need to think in implement multiple gateway levels?
Is there a piece that I am missing or I not planning/thinking correctly?
Thanks!
