Wietse;
> inside Postfix -reverse haproxy-> remote MTAs in the Internet
> That is currently not implemented, and no design exists.
Joachim Lindenberg via Postfix-users:
> Hello Wietse,
> Yes, exactly, no second instance. Ok, implies I haven't overlooked
> something. Is this an option you are willing to consider? The key
> benefit to guys like me is that one doesn't have to manage two
> instances, considering setup and maintenance, configuration (like
> tls policies), backup or just trust in your provider. Thanks,
I think what you are looking for is called a forward proxy. That
typically involves SOCKS or HTTP. The reason it is not implemented
is lack of demand - this is a very narrow use case. Cost/benefit:
there are features that benefit a larger population.
Some concerns:
- Different SOCKS or HTTP proxy implementations will have different
limitations with respect to bugs, stability, and performance.
- Some SMTP client features cannot be proxied, such as smtp_bind_address
(or smtp_bind_address6).
- More concerning, the Postfix SMTP client will not be able to
manage the TCP send buffer size, which is needed to avoid deadlock
with SMTP command pipelining (the client must occasionally stop
sending commands to receive server responses, otherwise the server
might block, and that would block the Postfix SMTP client). There
is a rather long comment on this in the SMTP client's protocol
engine. Ths means the client needs to use a pessimistic estimate.
I expect that a SOCKS5 client would not use much code, compared to
the code that was needed with HaProxy.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
