[Mailman-Users] Mailman on separate web and smtp load balanced farms.

Brad Knowles brad at stop.mail-abuse.org
Wed Dec 1 01:45:45 CET 2004 

At 5:10 PM -0700 2004-11-30, Matt Ruzicka wrote:

>  I was wondering if anyone is actually doing something remotely similar to
>  this.

	We did the same sorts of things when I was the Sr. Internet Mail 
Administrator for AOL, and again when I was the Sr. Systems Architect 
for Belgacom Skynet (the largest ISP in Belgium).  Separate inbound 
versus outbound mail server farms is typical for larger size 
operations I've seen, and separate webserver farms is pretty much 
required.

>  The outgoing aspect seems like a non-issue in that it appears we can
>  easily configure mailman to dump all mail over to the correct outgoing
>  mail server.  The issue that is confusing me is the separation of the web
>  and the incoming mail.

	For the mail stuff, I would recommend separating the mailing list 
server from the mail servers.  You could still put the mailing list 
server "behind" the inbound mail server farm, but I'd run it as a 
separate beast.

	My preference would be to use a totally separate "hostname" for 
the mailing list stuff that is generic and not specific to a given 
product (e.g., lists.yourdomain.example.com as opposed to 
mailman.otherdomain.example.org).  This makes mail routing really 
easy.


	For the web stuff, I'd be inclined to run a seperate "hostname" 
for the service, then do an Apache reverse proxy on the web server 
farm, pulling the content from the Mailman machine.

>  I have seen lots of talk about running mailman on two different servers,
>  and I did see a few other people offer information that indicated they are
>  using completely separate web and mail servers, but the threads always
>  seem to move towards solutions that merge some aspect of web and mail onto
>  one server.

	That is the kind of solution that tends to work best for Mailman, 
although due to careful programming that tries to avoid the typical 
pitfalls you frequently see with NFS, you should be able to mount the 
/usr/local/mailman filesystem from one machine to another.

	That's assuming you actually trust NFS for anything.

>  I'm assuming I will be installing the mailman files onto an NFS partition,
>  which although there is a lot of legitimate concern, it sounds like the
>  Mailman developers have worked hard to address this.  Although I'm
>  concerned the load balanced farms, in addition to the separate servers,
>  might be too much for any NFS locking model as it relates to Mailman.

	If at all possible, I would try to avoid using NFS just because I 
know that I've run into weird problems with it every time I've had to 
deal with it.  This includes experience at both AOL and Skynet, as 
well as plenty of other places.

>  1. How are people handling incoming mail to an SMTP server separate from
>  the web server?

	MX records direct the mail traffic somewhere else.

>  2. How, if at all, are people handling the above question on a load
>  balanced incoming SMTP farm?

	Load balanced?  In what way?  Are you trying to use DNS 
round-robin load-balancing, or are you actually using a proper Layer 
4 Load-Balancing Switch, such as a RadWARE, F5, Alteon, etc...?


	If the latter, then the switch is pretty much transparent to the 
process.  I'd use what RadWARE calls "Direct Server Return", or what 
some other vendors call "Server Triangulation", however.

	This should limit the traffic that the switch has to actually do 
something with down to just the SYN packets coming in to set up the 
TCP connection, and from that point on it's just a matter of making 
sure that the flows continue to go to the same MAC addresses.

>  3. Do people have any recommendations/warnings for running Mailman on a
>  load balanced web farm?

	See above.  I don't have anything more specific.

>  4. Am I just over-complicating something (the install of Mailman) that
>  doesn't need to be as complicated as I'm thinking (our architecture model
>  aside. ;) )?

	I believe so, yes.  I'm a big fan of the K.I.S.S. principle, and 
mail services in particular tend to benefit greatly from keeping 
things simple.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.

More information about the Mailman-Users mailing list