PostFix (+what?) vs Google Apps : Linode Performance

So I've got:-

  • 360 Linode, running…

  • Intrepid (32) Nginx MySQL5 PHP5 Wordress

  • with 10 scheduled sites, only 1 or 2 demanding.

And my thoughts are:-

How much would a mail svr detract from my Linode's performance? I get a couple hundred emails a day, plus feeds about thrice that. I have no idea how demanding that is (but usually I don't reply!)

So do I go Live/Google Apps or would my email solution be better handled by me? I'm sure it's a personal choice. Currently I have a great solution, where a bunch of mailboxes resolve to one, and I SMTP that with Thunderbird. I would like the same nad don't like webmail, nor my data spread about. And I'm not worried about not even knowing what modules I have to consider (but tips are greatly appreciated.) But I don't want my shiny new setup coughing at the mailbox.

…Or is this just a dumb question? Sorry, only just started considering this. And with WordPress, it would probably be inconvenient not to have a mail svr on board, I suppose.

I have installed PostFix already though, and it works from the CLI, in and out. Or was PostFix a hasty mistake?

I understand nginx has some built-in modular mail functionality. Does anyone have experience of that?

Cheers all.

14 Replies

i have a similar setup (exim instead of postfix)

i started with a nginx/php/postgres/sqlite site and google apps and later replaced google apps with exim to forward the emails to my existent gmail account.

adding exim to the installation didn't make much of a difference. iostats went up by a bit but CPU stayed pretty much the same (= idle).

oh, and expect a bit more traffic and connections once you started taking care of mail traffic yourself. but that shouldn't really cause any performance issues.

I like postfix, but exim is also good. I think that postfix has the edge on performance and security (at least historically), while exim is a bit more configurable (at least built-in).

The most troublesome aspect of handling things yourself won't be the MTA–they're all pretty efficient--it's dealing with spam, viruses and directory harvesting attacks. These are the parts of the system that can become rather intensive. I'm not sure how many mailboxes/domains you have, but you might consider outsourcing this one part to a provider that will act as that filter and "perimeter defense". There are a variety of vendors for this, all I can say is do NOT use Tucows. Definitely still my provider meltdown story of the decade.

that's why i went with exim.

postfix was a pain to configure while exim allowed me to do hat i wanted (fwd emails from a few domains to my gmail account) in less than 10 minutes.

as for spam, viruses, etc, that's why i forward my mails to gmail, they take care of the filtering for me.

oh dear… this is begining to depress me… have started configgin postfix, to work with courier. hmmn.

i guess if all fails, exim, 10 mins, that sounds good …

but

i do have a lot of email addresses, and need a catchall, and after spam catching for the remainder to either be available by smtp, else i'll pop.

does that sound viable with postfix. and spamassassin?

god's honest is that, having installed a basic postfix config as part of nginx setup, i've now gone with the solution where the tutorial seems the clearest.

…then again, while i found some top walk-thrus for the web server, for mail there's less clarity.

i was hoping to use nginx' mail module but the spec's written in Russian. didn't want to trust that one to freetranslation, really ;)

@the_guv:

oh dear… this is begining to depress me… have started configgin postfix, to work with courier. hmmn.

i guess if all fails, exim, 10 mins, that sounds good …

but

i do have a lot of email addresses, and need a catchall, and after spam catching for the remainder to either be available by smtp, else i'll pop.

does that sound viable with postfix. and spamassassin?

god's honest is that, having installed a basic postfix config as part of nginx setup, i've now gone with the solution where the tutorial seems the clearest.

…then again, while i found some top walk-thrus for the web server, for mail there's less clarity.

i was hoping to use nginx' mail module but the spec's written in Russian. didn't want to trust that one to freetranslation, really ;)

That's perfectly possible with Postfix. In fact, I find postfix even easier to configure than exim, but then again I rarely work with exim …

for catchall look at: virtual maps

for spamassassin / virus check: procmail

@saman007uk:

for catchall look at: virtual maps

for spamassassin / virus check: procmail

thank you. when i've got the base mail svr to work, I'll look at those. …had been wondering about both matters.

A mail system is not going to use much in the way of resources, unless you use some form of content-based scanning such as SpamAssassin. If you set up Postfix with sanity checks and greylisting you will eliminate the vast majority of spam. Some background on the conceptual approach to take is in this presentation.

The next step after that would be to use a DNSBL like Spamhaus (I'd use just the PBL to start out). Content-based filtering should be a last resort as it is the most resource-intensive approach.

One system I have running on a Linode uses only the Postfix sanity checks and greylisting, and passes fewer than 20 spam messages per day. We considered using the Spamhaus PBL but decided against it since the problem was small enough to be manageable without it.

tx Vance.

I've gone for Google Apps for now, imap'd to Thunderbird. It was the lazy solution.

The thing is, I'd spent ages sorting spamassassin last time around, and would ideally avoid that again…but I'm putting off the inevitable.

I've got 18 months left with my old webhost, Lunarpages, and am pleased with teh email solution there. When I've got some time I think I'll look at using postfix to forward email to my Lunar email, utilising the spamassassin I've already set up.

Hope you don't mind me chipping in here ^^

I have 2 domains for personal and family use, with less than 5 accounts per domain. After a lot of reading and trying to understand the Postfix, Spamassasin & ClamD setup I decided it was too over the top for my needs.

This afternoon I signed up for Google Apps for each domain and within an hour or so it was all up and running. It means I have a few extra system resources to use elsewhere on my Linode, so it was win-win for me ^^

Should the need arise I'll certainly consider running my own mailserver again, but for now I'm sorted.

aye Nexx…i think a lot of folks feel similarly. google apps seems to fill my need too. nicely imap'd to thunderbird, all that…

I set up the MX records according to Google's instructions:

Here are each of the columns in turn:

Mail Servers:

ASPMX.L.GOOGLE.COM

ALT1.ASPMX.L.GOOGLE.COM

ALT2.ASPMX.L.GOOGLE.COM

ASPMX2.GOOGLEMAIL.COM

ASPMX3.GOOGLEMAIL.COM

ASPMX4.GOOGLEMAIL.COM

ASPMX5.GOOGLEMAIL.COM

Preference:

10

20

20

30

30

30

30

Subdomain:

mail

(for all)

TTL:

2419200 (4 weeks)

(for all)

I have A/AAAA records for (blank) and www to my linode's IP.

I have an unrelated CNAME record (feedback points to a third party's site).

I have no TXT or SRV records (though I've been told to construct a SPF record from TXT eventually).

I have a SOA record for ns1.linode.com

I have 4 NS records for ns1.linode.com, ns2.linode.com, etc that point to .com

Is this what you guys did and it just worked? I've waited 48+hrs between changing configurations. Nothing I do seems to work.

irc folks just helped me out. i can't believe i never tried without the 'mail' subdomain. the MX records should be directly to .com the webserver will still work fine!

you can optionally point mail.you.tld to ghs.google.com, and then configure the url in the gmail domain admin, then mail.you.tld will get bounced to the gmail login screen

Just chiming in to say that running a small mailserver is a horrid, thankless job. Google or some other email specialist is just so much better at catching spam while letting legit mail through than anything I've be able to do with spamassassin, rbls and greylisting.

Plus, as others have noted, content based filtering can be resource intensive. Greylisting and discarding mail to invalid addresses helped a lot with resource utilization on the mailserver I was running, but it immediately starting crawling back up.

Finally, greylisting delays legitimate emails from new correspondents. That might be acceptable for you, but its not acceptable for some people/organizations.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct