Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Victor Duchovni (Victor.Duchovnimorganstanley.com)
Date: Mon Dec 22 2008 - 12:53:46 CST
On Mon, Dec 22, 2008 at 07:06:15PM +0100, Bas van Schaik wrote:
> Hi all,
> I have two company mailservers, both running Postfix. One of them is
> "public" (accessible from the internet) and the other is used for
> internal purposes only (i.e.: sending/recieving internal mail and
> sending mail to the internet via the public mailserver).
> The public mailserver is (of course) configured to scan for spam and
> viruses and does have rate limitations (smtpd_client_message_rate_limit
> and smtpd_client_connection_count_limit) to avoid getting drowned in
> mail from a single server.
> The internal mailserver sometimes sends a large batch of mail to the
> public mailserver, this is where it gets nasty. The public mailserver
> applies the rate limits and starts to tempfail the mail from the
> internal server.
Don't do that.
> This is /exactly/ what I want the public mailserver to
> do (I don't want to use the smtpd_client_event_limit_exceptions option),
> but the internal mailserver keeps trying and trying.
> Eventually, all mail from the internal server gets through and other
> mail traveling through the public mailserver does not get affected by
> large delays. However, I think the internal mailserver should stop
> processing the large batch of mail as soon as it notices that the public
> mailserver started tempfailing on it. That would save both mailservers a
> lot of work and would speed up retrying other queued mail.
If you enforce a connection-rate limit and not a message-rate limit,
you will find that the internal server will back off, but you may not
like the result.
> I couldn't find such an option in the postconf(5) manpages, nor could I
> find it on the internet. Is there a way to achieve this behavior?
> Furthermore I'm wondering if it is possible to tell Postfix to start
> tempfailing incoming messages when the server load exceeds some value?
A terrible idea. This is the most important Sendmail bug fixed by Postfix.
> Of course it is possible to implement a hard-limit on the number of
> smtpd-processes, but that could cause the server to start idling.
What problem are you really solving here. Why do you want to cripple
the mail flow from your internal server to the edge server?
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.