On Wed, 7 Jul 2004, Tim Showalter wrote:
>moving a user without his client being aware of it. I like this method;
>it's cute, and solves a lot of the problems without a hell of a lot of
>work. (I've never tried it personally, though.)
It looks like a good solution, but it has a flaw; mining for the existance
of email addresses is done with a simple DNS lookup. Almost like the VRFY
SMTP command, not necessarily a good idea these days. Such mining can go
undetected for a long period of time, and the washed email lists increase
in value among spammers. It could be solved by using a differently named
DNS entry though, so something like marc.crispin.deskmail.washington.edu,
with some added logic for the end users.
Where I worked before, we rather used an IMAP proxy server which chose the
appropriate backend. These proxy servers were chosen randomly, and we just
added more when the load increased. The proxy servers used practically no
CPU, no memory and no IO, and were tuned to handle many concurrent network
connections. They just forwarded the requests to one of the backends. All
users used one single DNS name for IMAP. Very simple.
At the point of authentication, the proxy server would query which of the
backends currently held the mailbox for the user who logged in. This was
done via a UDP broadcast ("Who servers mrc?"... all servers kept silent
but one: "I do!"), so it was always up to date as long as the backends
were. Worked very well with mirroring/redundancy too; we had two identical
machines linked together with mirrored storage and a watchdog card each.
Only one of the servers was answering the broadcast requests from the
proxy frontends; the other was sleeping. But when this first machine
stopped answering the watchdog heartbeats, the other machine simply
started answering them instead. The user noticed nothing when a backend
server died.
The same method was used by the SMTP servers, when they chose where to
deliver a message.
Andy :-)
--
Andreas Aardal Hanssen
http://www.andreas.hanssen.name/gpg2
