Good POP3 Server for Huge Mailboxes?

brainchill asks: "I've got about 10,000 users split between a couple of quad 550 xeon machines. The machines have 2GB of ram. The problem is that the UW POP3 server takes a huge hit in both cpu and memory utilization when a 40+MB mail spool is requested via POP3. Sometimes it's bad enough to drag the monster boxes to their knees. What other POP3 daemons do you guys have experience with and how do they perform with large mailboxes"

qmail

[jason_watkins]

Read the various qmail + whatever guides. Also, remember that system tuning can make a difference as well.

Re:qmail

Yes I would recomend qmail and if you ran a lot of virtual hosts then qmail+ldap would be great -- now to apply all the patches correctly and get it setup.

MS

MS Exchange.

You know you want to.

Re:MS

[PeekabooCaribou]

Heh, not funny.. That's what my university's ITS department has decided to migrate to. =(

Re:MS

[lposeidon]

i do not want to but i have to. damn the goverment. over 50,000 users, using webmail. (MS product) on sevral servers dedicated for that... it works well. until the mail server dies.... the webmail servers are still running..

Ever think of FTP?

[roachmotel3]

You know, I think it's funny that SMTP (SIMPLE Mail transfer protocol) turned into an FTP replacement. If people want to send 40 meg files around the internet, maybe they should use something designed to transfer files, like ftp or scp.

Re:Ever think of FTP?

[bdash]

How is this relevant to the question asked? The poster asked for a POP3 server that copes well when serving a mailbox > 40MB. This mailbox could have 1 40MB message or it could have 41000 1k messages.

Sending large emails via SMTP may not be the best useage of the protocol but in many cases (read - when one party is running Windows) it is very difficult to use FTP or scp to accomplish the same task as the tools are simply not available.

Re:Ever think of FTP?

You're right; FTP is impossible under Windows.

C:\>ftp
ftp>_

Re:Ever think of FTP?

[vipw]

using that client is about impossible...

Has anyone ever used a worse ftp client then the one microsoft bundles? It's even worse than the telnet client.

Re:Ever think of FTP?

[Ayende+Rahien]

Really?
All you've to do is put the ftp's adress on explorer's adress bar, and it will work.
The interface is the same as if you are browsing your own files.

Re:Ever think of FTP?

[bdash]

That relies on there being an FTP server for you to access though. If you have an FTP server available, then yes it is very easy. Otherwise, that solution doesnt really help at all.

Re:Ever think of FTP?

[Ayende+Rahien]

There are enough public FTP servers out there, not to mention that IIS has FTP server, so it's not a problem.

Re:Ever think of FTP?

[bdash]

Personally, I think its a much bigger problem than you make it out to be. First, IIS only comes with the 'Professional' versions of Windows. The fact that it is vulnerable to a large number of exploits unless frequently updated would scare the begeezers out of me enough to flag that idea completely. When IIS is installed, does it start runnning as a service by default or is its activation required somehow?

As for public FTP servers, there is the issue of finding a public FTP server that allows uploads of files larger than would be considered appropriate for email (from 3MB to over 75MB). Also, once you've uploaded the file and emailed the recipient the URL, _anyone_ can get the file. Not good for anything even slightly private. Yes, email is not private. People can eavesdrop on the mail transfer and read your mail, but the number of people who have access to this situation is much lower. If you dont mind this, and can find a suitable server, a public FTP server is definately a good option to use. Your mailservers will thank you for it.

Re:Ever think of FTP?

[thisisatest]

What? That client is fine... What do you expect from a terminal-based client? It's just when idiots make thirty character long directory names that things get ugly.

The Win9x telnet client, on the other hand, was abyssmal.

Re:Ever think of FTP?

[wcb4]

IIS does not install by default, you need to select to install it (go ahead, complain about this while praising that on other operating systems you can choose what to install). When installed it does run as a service. If, however, you are not using windows 2000 professional or above, then there are free alternatives..... my favorite, Sambar, among them which operates as a very fine web server as well as ftp server. There is no reason that anyone on windoes who wants to run an ftp server cannot, but, as stated before, this really has nothing to do with the topic.

Re:Ever think of FTP?

[0x0d0a]

I have never understood the hostility of mail admins to large emails. Simply because a number of mail servers have piss-poor performance with large emails is not a reason to go crazy over them. Fix the mail server.

Oh, and the fact that some people still use POP3, and their life is made miserable when they're working with large files over a modem. People should use IMAP.

There are quite legitimate uses for file transfer via email. Most people (i.e. not UNIX geeks) do not want to maintain a file server and keep their system up 24/7. The other person may not be at the computer...this puts it in their "queue of things to deal with".

If you mean "why don't people use ftp to transfer files to a third, intermediary system that acts as a drop box"...well, that's doing exactly what you're doing with SMTP. Why *not* do it with SMTP?

Finally, from a user perspective, mail is much more convenient to use than dedicated file transfer protocols. Most people constantly use a mail program and know how to use it reasonably well. Everyone has an email address (a more useful mapping to users than an IP address that FTP would require), and there are no worries about different companies having different places to drop files. Email lets users sort and date emails, and tag files as being from some user. It makes it accessable from anywhere they can get at their email.

Another thing that mail admins should live with is large mailboxes -- not just a single mail, but people leaving mail on the server, or keeping old mail around on the server. This is one of the *best* things to happen to IT. It's been the holy grail of NC designers for years. Centralize data storage to reduce costs, allow reuse of hardware, and facilitate backup.

Frankly, if anything, mail should be extended to have *better* support for this (like resumable transfers, etc). The FTP model -- where you have machines that are always up 24/7, users that associate well with "computers" rather than "other people", users that are familiar with a larger number of programs, and a network that has no firewall or other restrictions -- simply doesn't fit the reality of what's going on at businesses today. It's fantastic for techies who want to work with their own systems, but less good for your average end users.

Re:Ever think of FTP?

[sk8king]

The problem with sending the files through email is that the file size increase by 1/3 and it generally seems slower. A 3MB file becomes 4MB, a 30MB file becomes 40MB etc. What there should be is a system that will allow people to direct files to other people, like email, but have the speed and space advantages of FTP.

Maybe people should just email links to files/attachments on file servers, and the link will contain the information [login/password] that will allow the browser/email program to properly access the file.

Re:Ever think of FTP?

[0x0d0a]

The problem with sending the files through email is that the file size increase by 1/3

No 8-bit MIME?

and it generally seems slower.

[shrug] Unless the server is poorly designed and is the bottleneck, that shouldn't be the case. A TCP connection is a TCP connection is a TCP connection.

Re:Ever think of FTP?

[sk8king]

I was referring to the Base64 encoding [the one I'm most familiar with I guess and what everyone appears to use] which will increase the file size by 1/3 and by having a larger file, it will appear to take longer to download. Oh well, time to read up on 8-bit MIME. ;)

Re:Ever think of FTP?

Hm? It has get, put, bye etc exactly as ftp on any unix system I've been on.

Re:Ever think of FTP?

[varebel]

If you mean "why don't people use ftp to transfer files to a third, intermediary system that acts as a drop box"...well, that's doing exactly what you're doing with SMTP. Why *not* do it with SMTP?

Because it's wasteful. Encoding binary files for transfer via SMTP makes them 25% larger.

Re:Ever think of FTP?

[0x0d0a]

Encoding binary files for transfer via SMTP makes them 25% larger.

Use 8-bit MIME.

Stop using mbox and switch to Maildir

[Electrum]

You won't get good performance with mbox, period. You need to switch to Maildir. qmail-pop3d works great with Maildir. Maildir scales far better than mbox since it doesn't have to parse out the individual messages. It also doesn't have to use locking. This also makes Maildir inherently more reliable than mbox. There are many tools available to convert between mbox and Maildir.

Re:Stop using mbox and switch to Maildir

[zsazsa]

Check out this detailed mbox vs. Maildir comparison. Maildir really knocks the socks off of mbox in almost all of the tests.

Courier's POP and IMAP servers (the IMAP server is used in this benchmark) have performed excellently for me in both qmail and Postfix installations.

Re:Stop using mbox and switch to Maildir

[phaze3000]

Actually, maildir *can* be just as bad, if not worse.

I work for an ISP where we have ~ 50 000 email users. Maildir's great when you have a few messages, and if one of these messages happens to be big then it doesn't matter. However, if a user has tens of thousands of emails of whatever size in their mailbox (happens far, far more often than you might think) then just getting a list of files in the directory can take an age. In the scenario where a user has masses of small messages (sub 2k) then mbox would probably be faster.
Whilst I'd certainly recommend using Maildir over mbox, it's certainly not going to solve all the problems.

Re:Stop using mbox and switch to Maildir

[rplacd]

Another option is using a filesystem that handles large numbers of files in a directory.

Probably the best option is to have your local mail delivery program write out both the message and keep a header cache. The pop server simply reads the cache to get the info it needs to present to the user, while still manipulating the message files to give the user
his/her messages.

Modifying the local delivery app is trivial if you use, say, qmail-local or procmail to do the work. I could probably whip something up in a couple of hours. However, it does break one of the main principles of maildirs -- no locking. You'll have to lock the header cache file in order to append or delete from it.

Someone else recommended cyrus; that might also turn out to be a useful option. It already does something like this.

Re:Stop using mbox and switch to Maildir

[phaze3000]

Another option is using a filesystem that handles large numbers of files in a directory.

I agree, I've speculated on the potential performance increase something like ReiserFS might bring. At present we use a NetApp filer for all our storage, with is extremely robust (it's never ever failed in the three or so years we've had it), great for features like snapshots, but not blazingly fast. Realistically, the performance at ersent is 'good enough', and I'd rather mediocre performance and excellent uptimes than mediocre uptimes and excellent performance.

Re:Stop using mbox and switch to Maildir

[Electrum]

However, if a user has tens of thousands of emails of whatever size in their mailbox (happens far, far more often than you might think) then just getting a list of files in the directory can take an age.

This is a filesystem problem. Use a better one. On FreeBSD, enable dirhash. On Linux, use ReiserFS or ext3 with htree.

Re:Stop using mbox and switch to Maildir

[adolf]

Good information.

Now, wrap it into a (pre-existing?) HOWTO. Get it published on defcon1.org. Whatevevr it takes.

But don't leave it as a random, 1-sentence Score:3 posting on Slashdot, where it will do little good for future masses encountering the same, doubtless growing, problem.

Thanks.

Re:Stop using mbox and switch to Maildir

[davidu]

This is a flaw in your filesystem.

If you can't solve this by getting a better filesystem then look to the Maildir specs about how you can implement transparent hashing in the Maildir's themselves (based on timestamp/whatever)

Maildir is easily the way to go compared to mbox on a large user system.

-davidu

Re:Stop using mbox and switch to Maildir

[Matty_]

I've used the Postfix + Courier-IMAP combination with Maildir on a production mail server and it worked very well.

Every now and then I would have a customer call who was having problems getting their mail due to a corrupt bad message in their mailbox. Getting rid of the offending e-mail was a simple 'rm' command in the shell.

Re:Stop using mbox and switch to Maildir

[Electrum]

Now, wrap it into a (pre-existing?) HOWTO. Get it published on defcon1.org. Whatevevr it takes.

But don't leave it as a random, 1-sentence Score:3 posting on Slashdot, where it will do little good for future masses encountering the same, doubtless growing, problem.

You've never heard of Google? The information is out there, but you need to be willing to spend the thirty seconds necessary to find it.

mbx

[zsmooth]

I use mbx personally (NOT mbox) and it scales wonderfully. The mailbox is fully indexed to speed up searching and can be accessed simultaneously by various processes. See here for more information.

Qpopper

[roly]

Try Qpopper

Yes, qmail

[Scarabaeus]

I can only second that. qmail runs like a charm and scales.

Check out cr.yp.to/qmail.html and www.qmail.org

Cyrus?

[Pathwalker]

Have you looked at Cyrus? It is probably best known as an IMAP server, but it has very nice pop3 support as well.

Cyrus stores messages in a variation of the maildir format - it maintain a database of the flags, headers, etc for the messages in a folder to speed up access.

Notable features include shared mail folders (with independent views), quotas, multiple mail partitions (with the ability to move users across partitions on the fly), duplicate email checking, and a server side filtering language (sieve).

Most of this would probably be most useful if you were using IMAP, but it should scale quite well as a POP server.

Re:Cyrus?

[Matthew+Weigel]

Mostly right, in a very broad non-technical way.

Cyrus's mailstore system is actually quite different from Maildir, in particular because it doesn't need to play games with user processes (the way read/unread messages are handled in Maildir is handled that way so multiple processes can manipulate messages at the same time, for instance).

Also, most of the abilities you list are simply unavailable via POP; Cyrus is massive overkill for a POP server, and would require even more resources (particularly disk: the users that have 40MB spool files now could probably find themselves with 2GB of mail if you let them... and even the non-abusive users would require more storage for IMAP than for POP).

Incidentally, we use qpopper to handle POP - and quite a few users go over 40MB without killing our (not particularly beefy, and not dedicated mail) servers. I suspect the real problem is that the guy is using uw-imap's POP server - the author of which is notoriously unconcerned with the performance (or lack thereof) of spoolfiles being served over POP. Which is perfectly reasonable - he writes an IMAP server, he should be concerned with IMAP performance, and if he writes a better mailbox format (he has) then he should also concern himself with that and not a 20+ year old format.

Actually, if one were so inclined, IMAP makes a better POP than POP3 - just disable the ability to create new folders, and use a better mailbox format (mbx, Maildir, ...).

A left-field solution

[grossdog]

If you want your users to love you, check out Dartmouth's
Anyone who has ever been to Dartmouth or any other school using a BlitzMail installation will vouch for the strength, ease of use, and plain usefullness of the system.

fast pop3d

[robaman]

I would say: try popa3d.

We just went from cucipop to popa3d on a sendmail box supporting ~10000+ users. The load dropped from ~8 to ~1.5 during peak hours.
Before cucipop we were using qpopper, and the switch from qpopper to cucipop made a similar drop in load. Remember that this were with the "old" versions of qpopper, before the remote-root vulnerabilities were found. Don't know about the performance of today's qpopper.

DBMail

[m0rph3us0]

http://www.dbmail.org/ I was looking thru their site, havent actually used it but it sounds like it might reduce the load on you're servers massively. tho i'd want to use postgres and not mysql for the back end.

Not free but ...

[Ashran]

CommuniGate Pro is the best Email Svr I'Ve ever used.
Its easy to configure, very feature rich, performant and features cluster config.

The only problem is it costs you an arm an a leg for the amout of users you have.

I'm running it with only a couple of hundred users using mostly IMAP but I never had any problems with it.

Re:Not free but ...

[sk8king]

Its free if you don't mind the "delivered by CommuniGate Pro" message on each message.

I use it as well and must say it has excellent features for monitoring/restricting email and web pages. GUI based [some people here may not like it], but it is well laid out. It also has a CLI interface that will allow you to do ALL your maintenance from the command line or scripts you write.

Re:Not free but ...

[sk8king]

Oh yeah, and the server I was running was on a single processor pentium II 450Mhz with >8000 users....no apparent problems with scaling on that one. Plus clustering capabilities

Your problem is caused partly by hardware?

[Futurepower(R)]

Could your problem be caused partly by hardware? Hevanet.com, the best ISP in Portland, Oregon, USA, uses a special SCSI system run with a special version of NetBSD supplied by a company in Arizona.

Retrieval of mail stresses the filesystem; Hevanet's system is a combination of OS and hardware meant to take the load.

Mailbox format

[GoRK]

Good christ, you'd think that by the time you outgrew a QUAD XEON mailserver with only 5000 users, you'd have been reevaluating performance before plunking down what must have been close to 10-15 grand or more at the time on a second one!

Your mailbox format is all wrong. Storing all messages in a single file is pretty much the worst way to do anything useful. You want to explore some alternative storage format such as mbx or maildir. I personally use maildir on ReiserFS on Linux and have good luck. (The filesystem is VERY important for maildirs. ReiserFS's block tail support and directory indexing give it major disk space and speed advantages for a maildir mailserver application, while running something like maildirs on XFS would instantly kill your server. I hear mbx is pretty good too, if you're stuck on some sort of standard filesystem since it uses indexing and fewer files than maildir. The downside is that it's not as immediately parseable as maildir or mbox... Ie you couldnt write a script to say... delete extremely high scoring spam messages from any user who hasn't checked their mail in over 3 months, or other things ISP's might routinely do to maintain their servers.

Finally, if you plan to scale way up there (60,000+), you need to start looking at better cluster systems than just a couple machines. Specialize the tasks of several machines to do mail storage or talk POP3. Look at something like POPular for specialized POP3 server clustering software.

~GoRK

Re:Mailbox format

Because I don't know the answer, please at least briefly explain why XFS is bad with maildir and reiser is better. Thanks.

Re:Mailbox format

[GoRK]

The main reason for me is unlinks (deletes) on XFS are dog slow. A file deletion happens whenever a message is retrieved from a maildir (most pop3 clients issue a DELE after each message).. It adds up when you have a few hundred (or thousand) users connecting concurrently since it means that people have to be connected longer. The biggest advantage to reiser in a maildir setup, though, is the sector tailing. Messages are routinely a lot smaller than the sector size of a disk. You can save tens of gigs easily on a large mailserver with reiserfs.

popa3d

[honold]

extracted source is 84k. highly secure, and tiny. default pop3 daemon in openbsd.

from their DESIGN doc: http://www.openwall.com/popa3d/DESIGN

Here's some real performance data that I've collected (popa3d running
via inetd; larger sites would use the standalone mode instead):

24864 295.50re 16.92cp popa3d*
12749 4578.88re 15.50cp popa3d

That is, 12749 POP3 sessions took 32.42 minutes of CPU time (on a 350
MHz Pentium II); of those, more than a half was spent in the temporary
child processes. It's not that bad though, as this system was running
an (intentionally) expensive crypt(3) that got accounted to the child /etc/shadow authentication processes.

Before upgrading to popa3d, the same machine was running qpopper (out
of inetd, too):

12025 3169.38re 35.56cp popper

It used to take a bit more CPU for less POP3 sessions.

Maildir

[decep]

The key to getting better performance is Maildir. Instead of using a single machine, use a "cluster" of machines and share the Maildir of NFS (or some other network sharing means). Of course, a maildir format mailbox would probably lower your overall utilization as well.

Yes, but...

[wsapplegate]

I chose Cyrus for a customer that needed a MySQL backend for his server. But I quickly ran into a problem : the minimal timeout for unlocking the mailbox in the Cyrus POP3 server is 10 minutes (yes, that's right. 10 _minutes_ !). As people with buggy mailers (*cough* Outlook Express *cough*) are very common nowadays, I was forced to go patch the sources to weed out that stupid limitation. What's sad is that I found lots of messages on their mailing-list talking about this problem since a long time, and that one-liner patch never made it to the tree, which would lead me to think the authors are unconcerned about the needs of their users (I hope I'm mistaken here)...

BTW, there is a fine POP3 server that we've used without problems for a year (and we've customers that *never* empty their mboxes, so we've huge 300 MB horrors lying on the primary MX hard disk). It has no frills but works like a charm. It's called Solid-POP3, it's Polish, made by the same people who brought you the PLD Linux distro, and you can download it here (alternatively, just do an `apt-get install solid-pop3d' if you run that good ole' Debian :-) Or else, you could try using LARTs on your unruly, mailbox-filling users... Good luck to you, anyway !

Samsung Contact

Samsung Contact should deal with that on a single server without breaking a sweat.

Spoken like a true user

[cbass377]

You think admins care about how big the email is. not really, until it trashes the server when you try to send a 450 MB powerpoint slide show home so you can "work" on it. When the server bombs, and they will, I garantee you will be the first one to gripe when you can't read you joke of the day with your coffee, or check out the pr0n you frat buddy sent you.

Re:Spoken like a true user

[0x0d0a]

If a mail server is "trashed" or "crashes" (I've also seen complained about) simply because it was sent a large email, then the server is, frankly, buggy. Instead of trying to run with a flaky server and put policy requirements on users to work around the problems in the server, use a non-broken server.

sendmail

you know it wants you to ;-)

Re:sendmail

Sendmail does SMTP not POP3.

InterMail!

[rthille]

Ok, we call it Openwave Email Mx now, but it still scales like a mother. I run it. But then I work for Openwave on Intermail :-)

http://www.openwave.com/products/messaging_suite /e mail_mx/index.html