Stephan “Steff” Reiter

Operating your own mail server has advantages (like the feeling that you can do 😄) it but also brings up some additional workload.

There is a huge difference between a backup and a high-availability solution. Backing up your mailboxes is easy, but a an outage tends to come up when you least expect it and mails you received or sent since the last backup are lost. This gap can be closed by replicating mails in real time between servers. The replication server could even act as a failover server, but that’s a different topic.

I am using dovecot for imap/pop3 access to mailboxes and good for me, dovecot supports replication out-of-the-box. For my installation to setup dovecot I followed basically the excellent guide for a mail server setup at workaround.org (strongly recommended if you never did that before and want to get your feet wet!!!) to setup dovecot on two machines.

In order to make those machines aware of each other we have to create an according configuration file which I put into /etc/dovecot/conf.d/100-replication.conf . This file is basically identical for both systems, just the name of servers have to be adjusted accordingly. So we need to define the following before we can create the file:

  • name of the dovecot user on each machine – my user here is vmail on all machines. This is the name of the user that owns (aka can read/write) the mailbox files in the storage (usually not the same account dovecot runs as).
  • a port (tcp) the machines should use to replicate – I chose 4711 here as an example
  • name of the involved servers, mail1.example.org and mail2.example.org for this post

The resulting configuration file looks like this:

#
# for more details please check dovecot.org
#

service replicator {
  process_min_avail = 1
}

dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u
plugin {
  mail_replica = remote:vmail@mail1.example.org
}

service aggregator {
  fifo_listener replication-notify-fifo {
    user = vmail
  }
  unix_listener replication-notify {
    user = vmail
  }
}

service replicator {
  unix_listener replicator-doveadm {
    mode = 0600
    user = vmail 
  }
}

replication_max_conns = 10

plugin {
}

service doveadm {
  inet_listener {
    port = 4711 
    # strongly recommended to use SSL for the replication....
    ssl = yes 
  }
} 

doveadm_port = 4711
doveadm_password = aVerySecretReplicationPassword

plugin {
  mail_replica = tcps:mail1.example.org # uses doveadm_port defined above
  
  # without SSL if you want to take the risk...
  #mail_replica = tcp:mail1.example.org # uses doveadm_port defined above
}

After a restart all servers are replicating. You receive a mail on mail1.example.org it will be replicated to mail2.example.org.If you delete this mail on mail2.example.org it will also be deleted on mail1.example.org – works really pretty.

This would even allow you to setup a server farm for redundancy or simply give to that good feeling that you have enough copies of your precious mailboxes on top of a hopefully existing backup 😎.