Is there any recommendation on using Nginx as a SSL accelerator for
all 4 protocols ( http, smtp, imap/pop). Or if any one is doing this
already, can you share the experience on hardware / os configuration and
what kind of loading you are doing today.
We run it for http, imap & pop (not smtp). Partly due to legacy reasons,
run separate http and imap/pop instances but this still seems reasonable
allow starting/stopping of them separately.
We’re using linux and two oldish (>2 years, netburst xeon) machines as
frontends. We use DNS load balancing between them, and heartbeat to
an IP if one machine dies.
Performance is great. Machines also do a bunch of other things, and
generally only see 10-20% CPU usage. Each machine has about 7000 IMAP
3500 regular IMAP connections alive but has no problem taking double
when one machine is taken down.
You might want to look into tuning these variables.