On Wed, Apr 11, 2007 at 05:50:04PM -0700, David Schwartz wrote:
> Why can't/doesn't Postfix use a separate SSL process? That's the right way
> to do this for a variety of reasons.
There is no single "right way". The current tradeoffs work reasonably
well. It would be useful to migrate established SSL connections between
processes, but instead we close the connection, cache the session on
our side, and hope that the other end does TLS session caching and is
able to resume.
Note that SMTP negotiates TLS mid-protocol, so having a central TLS
connection manager is tricky, a lot of descriptor passing... The machinery
is there now, and with some upcoming work in 2.5, the API between the TLS
layer and the SMTP layer in Postfix is more serializable than in 2.3, so
it is perhaps possible to trade the connected socket in for a pipe to a
one of a pool of TLS connection manager processes, but this adds a lot of
complexity. For now, TLS connection caching is just not important enough
to warrant the complexity. It would be much easier to cache *reachability*,
and throttle connection attempts to hosts recently observed unresponsive.
Anyway this is not a forum for designing MTAs, so I will stop...
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
