I'm using postfwd3 as a policy service for rate limiting based on the
envelope sender address and number of recipients.
We're both limiting "freemailer" senders (they can only reach a low
number of internal recipients before being restricted) as well as our
internal users (they can only reach a low number of external
recipients before being subject to inspection)
The integration into postfix boils down to:
smtpd_end_of_data_restrictions =
check_policy_service inet:127.0.0.1:10040
Now postfwd3 is written in Perl, and that thing is hogging the CPU:
# ltrace -c -p 2722940
% time seconds usecs/call calls function
------ ----------- ----------- --------- --------------------
24.95 5.368282 86 62012 free
16.65 3.582837 86 41368 memmove
15.74 3.387136 86 38990 malloc
15.65 3.368211 86 39100 __errno_location
10.81 2.327013 85 27109 calloc
10.31 2.217849 86 25717 memcpy
2.96 0.637078 85 7418 memcmp
2.78 0.597770 85 6958 memchr
... snip ...
------ ----------- ----------- --------- --------------------
100.00 21.516662 249020 total
I put the check into smtpd_end_of_data_restrictions, so all recipients
are known...
Is smtpd_end_of_data_restrictions maybe a suboptimal place for that
check_policy_service?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration
Invalidenstraße 120/121 | D-10115 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | https://www.charite.de
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
