I currently have a postfix server and dovecot server sharing files from an NFS server in the UK and the same config in Switzerland. I tried to mailsync but that appeared to lose emails, so then I tried doveadm replication but keeps coredumping and duplicating emails.
I've seen suggestions of using glusterfs and keepalived to manage virtual IPs, but this won't cut the mustard if the servers are on different subnets due to country.
Using keepalived to manage a virtual IP on the local LAN that switches between physical server and port-forward over the WAN, doesn't resolve the issue of split-brain.
Whilst the network is up, I think postfix file locking would be able to manage both postfix servers trying to access the same glusterfs, but what bothers me is split-brain when the network between servers is down, but local in-country networks are up.
Solution 1
Could it work to used DRBD to sync the filesystems from UK to Switzerland, and mail relay postfix from Switzerland to the master in UK, HAproxy redirecting dovecot to UK.
In scenario 1 "split-brain": emails that arrive in Switzerland are queued, and IMAP fails so the user manually reconnects to the current master server in UK.
In scenario 2 "UK postfix server crash", the Swiss server could be promoted to DRBD master, Swiss postfix stops relaying to UK, and HAproxy stops redirecting dovecot to the UK, the UK postfix would be configured upon repair to relay to Switzerland, and UK dovecot get HAproxy to Switzerland.
Does this sound a sensible solution? Or is there a better way, that doesn't get excessively complicated?
