Hi everyone, I recently submitted a small refactor of the PostgreSQL backend used by Postfix. Wietse Venema reviewed the changes, and the updated version is now available in the current nonprod branch (postfix-3.12-20260425-nonprod, see dict_pgsql.c).
We would greatly appreciate feedback from PostgreSQL users to confirm that existing configurations and queries continue to work as expected before this is merged into beta and stable releases. The rewrite introduces prepared statements, providing: Improved performance in high-concurrency scenarios (80-100% faster queries, mainly after the first query per database connection due to preparation overhead) Stronger protection against SQL injection by separating query structure from data, removing the need for error-prone manual escaping The primary goal of this change is security hardening and more robust handling of query input. As individual queries took already sub-milliseconds to complete, the performance gain might not be noticable directly. No configuration changes should be required. If you encounter any issues, it would be very helpful if you could share the affected query that fails to convert into a prepared statement, either with me or Wietse. Thank you for your support! Ömer
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
