We've some features (such as DKIM signing) we'd like to deploy, but
currently the only program that meets our requirements is OpenDKIM, which
is available as a before-queue milter. However, we've a concern about
using such milters, specifically, if the milter is broken or times out lots
of email gets rejected because resources get consumed and never freed. An
example may be a milter that relies on LDAP, and the LDAP server goes down.
I noticed in the release notes that Postfix 2.7 receives the full message
before sending it to the before-queue milter, but I don't think this
addresses the concern.
I wanted to verify with the list that this concern is valid, and what sort
of mitigation strategies folks may have used.
Thanks,
Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
