Moving off Google Apps

From Wiki | LUG@UCLA
Revision as of 23:16, 25 February 2014 by (Talk)

Jump to: navigation, search

LUG@UCLA plans to move all mail services (including lists) off Google apps. This is a long term project, but the ETA is before Summer 2014.


KISS. Try to use the least amount of components, and don't overcomplicate the configuration. For example, don't use Maildrop if Dovecot already has an MDA/LDA. Don't use the high-performance sdbox format if Maildir is well supported and tested.


  • MTA: Exim
  • MDA/LDA: Dovecot LDA
  • MSS: Dovecot
  • MUA: Roundcube
  • lists: Mailman
  • storage format: Maildir
  • storage backup: cron + duplicity to LUG Lounge, cron + duplicity to VTLUUG, etc.

Mail transfer

Mail delivery

  • configure one MDA for each MTA server
  • MDA shall deliver to a Maildir (to be backed up)

Online storage

  • Make the MDA store the Maildir under the mounted directory (via clustered fs) on the mail server so it can be accessed from multiple different MSSs and MUAs.
  • If using Tahoe-LAFS, set up several "dumb" storage servers. At each site that offers mail access, mount the tahoe share using FUSE. Configure additional dumb storage servers wherever possible (e.g. members can volunteer their server). Tahoe-LAFS storage servers contain only encrypted data, so it doesn't matter who volunteers their space. Only the Tahoe-LAFS gateways (MSS and MUA servers) can decrypt the mails and securely hand them to authenticated/authorized users.
  • If using GlusterFS, set up gluster volumes at each site in a replicating configuration. Each site that offers mail access should also mount the gluster filesystem. Consider adding a layer of encryption (e.g. encfs) between the mounted volume and the Maildir.

Offline storage

Occasionally copy the Maildir directory out of the clustered share since we don't actually trust online solutions. We respect people's privacy, so don't just rsync it out to a 3rd party. Easiest solution would be to use Duplicity to automatically perform encrypted, incremental backups to the 3rd party.



  • POP3 over SSL: 995 tcp/udp
  • IMAP over SSL: 993 tcp/udp
  • HTTP over SSL: 443 tcp

Transitional details

  • How to migrate emails from Google Groups to Maildir readable by Mailman?
    • fetch all mails using fetchmail, dump into Maildir.
    • delete all my personal mails that got pulled in.
  • How to migrate users of emails to the internal system (e.g. login access to POP3/IMAP/Roundcube)?
    • look for a way to export a list of users from Google Apps.
    • make use of LDAP/Kerberos to authenticate.
  • How to migrate subscribers to the GNU Mailman mailing list?
    • export a CSV list of users from the Google Groups members page.
    • grep/sed the list for the following information: Full Name, subscribed email,

For users with LUG emails

For subscribers to the mailing lists

External links