I'm using postfwd3 as a policy service for rate limiting based on the envelope sender address and number of recipients.
We're both limiting "freemailer" senders (they can only reach a low number of internal recipients before being restricted) as well as our internal users (they can only reach a low number of external recipients before being subject to inspection) The integration into postfix boils down to: smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10040 Now postfwd3 is written in Perl, and that thing is hogging the CPU: # ltrace -c -p 2722940 % time seconds usecs/call calls function ------ ----------- ----------- --------- -------------------- 24.95 5.368282 86 62012 free 16.65 3.582837 86 41368 memmove 15.74 3.387136 86 38990 malloc 15.65 3.368211 86 39100 __errno_location 10.81 2.327013 85 27109 calloc 10.31 2.217849 86 25717 memcpy 2.96 0.637078 85 7418 memcmp 2.78 0.597770 85 6958 memchr ... snip ... ------ ----------- ----------- --------- -------------------- 100.00 21.516662 249020 total I put the check into smtpd_end_of_data_restrictions, so all recipients are known... Is smtpd_end_of_data_restrictions maybe a suboptimal place for that check_policy_service? -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration Invalidenstraße 120/121 | D-10115 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | https://www.charite.de _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org