Le 9 nov. 2011 à 11:43, Patrick Ben Koetter a écrit :
> * bsd <b...@todoo.biz>:
>> I am trying to figure out what is the best solution in order to filter
>> incoming e-mail on a front-end relay server quite heavily loaded (100.000
>> messages / day).
>
> Even if you assume that all those messages will be sent within 8 hours
> (business time) it will boil down to ~ 3.5 msg/sec. Server hardware can do
> that easily.
>
>
>> We are using LDAP querry in amavisd-new in order to check if the e-mail
>> account exists in our LDAP DB.
>
> Bad idea.
That was also my feeling about this…
>
>> Internet <--> Relay [Postfix + Amavisd-new] <--> Internal postfix
>> | |
>> | |
>> --------[LDAP database]----------
>>
>>
>>
>> Since update of our amavisd-new server to version 2.7.0 we are having
>> problem with the LDAP lookup.
>>
>> I was wondering if It was not better to do this lookup before delivering the
>> e-mail to the amavisd process ?
>
> Good idea. Reject any message that can't be delivered immediately. That's
> cheap. It takes place in the SMTP session before the payload has been sent and
> before a content filter, such as amavis, does ressource intensive filtering.
Shall I do that using the "Postfix Before-Queue Content Filter", if so is It
feasible or do you advise me to do that in the normal SMTP server using the
classic "virtual_alias_maps"
That would give smthg like :
Unfiltered -> before Q -> smtpd -> cleanup -> postfix Q -> smtpd
(filtered)
^ |
| v
smtpd 10026 smtp
^ |
| v
Amavisd filter 10025
>
>> If the answer is positive, should I use the "local_recipient_maps" parameter
>> or is there another more efficient method to be used ?
>
> Depends on the namespace the recpient domain is in.
recipient would be in smthg like
user@mydomain(s)
where domains = less than 10 domains.
>
> p@rick
>
> --
> All technical questions asked privately will be automatically answered on the
> list and archived for public access unless privacy is explicitely required and
> justified.
>
> saslfinger (debugging SMTP AUTH):
> <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
––––––––––––––––––––––––––––––––––––––––––––––
---------> Grégory Bernard Director <---------
---------------> www.osnet.eu <---------------
--> Your provider of OpenSource appliances <--
––––––––––––––––––––––––––––––––––––––––––––––
OSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetO
