On Sat, 2005-01-15 at 05:38, Aleksandar Milivojevic wrote: > Kevin Fries wrote: > > Les Mikesell wrote: > > | On Fri, 2005-01-14 at 00:00, Aleksandar Milivojevic wrote: > > | > > | > > |>And exactly how scalable are user accounts (the ones stored in flat > > file called > > |>/etc/passwd)? That will not scale well. > > | > > | > > | I think you know that's irrelevant for anything using PAM. Dovecot is > > | equally capable. > > > > I have a mail server that supports approximately 50-60 radio stations > > across the country with approximately 700 end users. Because of the > > dispersant number of users and geographic locations, I have set up a > > certain number of users at the main office to use Webmin to add accounts > > to the mail server. NOBODY is allowed shell access to the box but me, > > and the Webmin limits these people's access to the add user applet. > > > > Despite using system accounts which Aleksandar thinks is unscalable, > > this setup works perfectly. As new radio stations come online, we > > create a simple text file and accounts are created in batch. As each > > account is crated, their mail box is set up. > > 700 users is nothing. You will not see any problems with scalability > with that user base. Multiply it by 100, and you'll start seening first > problems. Go past 100,000, and things get preaty tight. I agree. 700 is nothing. when we talk about using virtual users, we're mostly talking about _large_ user bases. > > Before my wife talked me into moving to Canada (and out of all the warm > places in Canada, Winnipeg was our destination), I've used to work for > large national ISP where user's were stored in actual /etc/passwd. Mail > server worked well until user base got to about 50,000 users on 4-CPU > Alpha Server running Tru64 Unix (and later cluster of several Alpha > Servers). Then, Internet boom hapened, and user base exploded. Things > started to slow down drastically with each new user. Local system > accounts proved not to be very scalable solution. In those days, there > were no out-of-box solutions based on LDAP, like there are today. So > what we did back than, we moved all users from shell accounts into > Oracle database, and made patches for sendmail, procmail, and qpopper to > work with users that exist only as records inside Oracle SQL database. > That same 4-CPU Alpha Server that was beginning to be painfully slow, > all the sudden was capable of hosting several milion mailboxes. Now, > that is what I have in mind when I say scalability. > > If we were to do it again today, we'd probably simply use LDAP and > Cyrus, with little development time spent for transition. You know.. How fast is LDAP compared to using SQL? For one thing, LDAP is optimised for reads rather than writes. I would believe that LDAP is more suitable in this case. Writes are only needed when adding users and that doesn't happen as often as reads. -- Ow Mun Heng Gentoo/Linux on DELL D600 1.4Ghz 98% Microsoft(tm) Free!! Neuromancer 08:59:26 up 12:07, 6 users, load average: 0.58, 0.52, 1.04