Les Mikesell wrote:
| On Fri, 2005-01-14 at 00:00, Aleksandar Milivojevic wrote:
|
|>And exactly how scalable are user accounts (the ones stored in flat file called
|>/etc/passwd)? That will not scale well.
|
| I think you know that's irrelevant for anything using PAM. Dovecot is
| equally capable.
I have a mail server that supports approximately 50-60 radio stations across the country with approximately 700 end users. Because of the dispersant number of users and geographic locations, I have set up a certain number of users at the main office to use Webmin to add accounts to the mail server. NOBODY is allowed shell access to the box but me, and the Webmin limits these people's access to the add user applet.
Despite using system accounts which Aleksandar thinks is unscalable, this setup works perfectly. As new radio stations come online, we create a simple text file and accounts are created in batch. As each account is created, their mail box is set up.
700 users is nothing. You will not see any problems with scalability with that user base. Multiply it by 100, and you'll start seeing the first problems. Go past 100,000, and things get pretty tight.
Before my wife talked me into moving to Canada (and out of all the warm places in Canada, Winnipeg was our destination), I used to work for a large national ISP where users were stored in the actual /etc/passwd. The mail server worked well until the user base got to about 50,000 users on a 4-CPU Alpha Server running Tru64 Unix (and later a cluster of several Alpha Servers). Then the Internet boom happened, and the user base exploded. Things started to slow down drastically with each new user. Local system accounts proved not to be a very scalable solution. In those days, there were no out-of-box solutions based on LDAP, like there are today. So what we did back then, we moved all users from shell accounts into an Oracle database, and made patches for sendmail, procmail, and qpopper to work with users that exist only as records inside an Oracle SQL database. That same 4-CPU Alpha Server that was beginning to be painfully slow, all of a sudden was capable of hosting several million mailboxes. Now, that is what I have in mind when I say scalability.
If we were to do it again today, we'd probably simply use LDAP and Cyrus, with little development time spent for transition.
--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7