Noel Jones wrote:
Furs wrote:
Folks,
I need a sender access per domain.
After reading postfix documentation i decided to use classes,
in smtpd_recipient_restriction there is a new restriction. This
restriction tells postfix what class to use depending
on domain recipient. Every class has its own whitelist,
blacklist.
Problem is there are too many classes. We have more than 1200 domains,
so we use more than 1200 classes, it seems that postfix can't open them
When we start postfix all is fine, but when we recieve a new mail postfix
log an error message:
"fatal: open database /etc/postfix/recipient-access/domains/domainXYZ.db:
Too many open files"
Somebody can tell how to avoid that.
Wow, what a maintenance nightmare!
Postfix needs to open a file descriptor for all those lookup tables you
have defined. An excerpt from the INSTALL file:
------
... the number of file descriptors per process is limited by the value
of the FD_SETSIZE macro. If you expect to run more than 1000 mail
delivery processes, you may need to override the definition of the
FD_SETSIZE macro to make select() work correctly:
% make makefiles CCARGS=-DFD_SETSIZE=2048
Warning: the above has no effect on some Linux versions. Apparently, on
these systems the FD_SETSIZE value can be changed only by using
undocumented interfaces. Currently, that means including <bits/types.h>
directly (which is not allowed) and overriding the __FD_SETSIZE macro.
Beware, undocumented
interfaces can change at any time and without warning.
But wait, there is more: none of this will work unless the operating
system is configured to handle thousands of connections. See the
TUNING_README guide for examples of how to increase the number of open
sockets or files.
------
I think you'll be better off if you move this to an external policy
server. www.policyd.org is a good place to start.
You might be able to get away with using the proxy: server for
your maps. Prepend all your map names with proxy:
and see http://www.postfix.org/proxymap.8.html
But a policy server still seems like a better idea.
http://www.postfix.org/SMTPD_POLICY_README.html
http://www.postfix.org/addon.html#policy
--
Noel Jones
