* Wietse Venema <wie...@porcupine.org>: > Stefan Foerster: > > One of the greatest improvements in the 2.7 tree is the ability to > > defer transmission of received messages to a SMTP proxy until the > > message receiption completes (smtpd_proxy_options = speed_adjust). > > Can you be more specific about the benefits?
Number of filters is down by more than 40%. Comparing a typical day before and after we deployed that feature: http://www.incertum.net/~cite/speed_adjust.png Other sites might not notice such a large impact: Our setup includes a large number of clients connected via lines with little bandwidth (2MBit/s) which is typically used for other purposes besides sending mail. If the time a mail transmission takes is negligible, I expect the results to be vastly different. Furthermore (I'm not 100% sure about this, would be glad if you could confirm this) it's much harder to DoS a Postfix server with that patch: Previously, all you had to do was opening a number of connections equal to the number of pre-queue content filter processes, go through the initial (E)SMTP steps and then send a mail very slowly. With "smtpd_proxy_options=speed_adjust", you'd have to DoS the Postfix SMTP server itself, and between postscreen guarding it, high process limits, access control and the stress adaptive server personality, this one is well able to take care of itself. Stefan
