On Mon, Aug 08, 2022 at 04:41:57PM -0400, Wietse Venema wrote:
> > Yes. The main complication is that connection caching, TLS session
> > caching and TLS policy are perhaps not quite right if we're not aware
> > that the list of "[host]:port" pairs is actually a single logical
> > destination, so the code would need to be integrated into smtp(8), and
> > look mostly like MX resolution that returns "host:port" values for a
> > single logical nexthop.
>
> We're discussing support for an MUA-specific feature, not high-volime
> MTA-to-MTA support. Connection reuse is less important, as long as
> Postfix does not mix traffic with different authentication properties,
> and that is what SMTP_HOST_KEY is for. So if sharing is a consern,
> just add a "comes from SRV lookup" flag to the connection cache
> lookup key.
>
> > Are keys along the lines of "domain:submission+srv" too clumsy?
I mean TLS policy lookup keys (smtp_tls_policy_maps). The session and
connection caches are already fine, since transport name is part of the
cache key.
> SMTP_HOST_KEY uses newlines if I am not mistaken. And it is
> completely hidden from the user interface.
Yes, as noted.
--
Viktor.
