Dan Lists: > On Thu, Mar 8, 2012 at 4:06 PM, Wietse Venema <wie...@porcupine.org> wrote: > > Dan Lists: > >> How much traffic can postscreen handle? ? Each mail server in our > >> cluster handles 800,000 to 1,000,000 messages per day. ?We typically > > > > This is mainly limited by the whitelist database latency: the > > time needed to decide that a client is OK, and to hand off the > > connection to a real SMTP server process. > > > > In your example, postscreen would have to be able to do 10 lookups > > a second, but we all know that mail is not spread out evenly over > > a day, so 100 lookups/second would be more appropriate. > > > > If the number of distinct clients is not overwhelmingly large, > > putting a memcache between postscreen and the persistent whitelist > > database will help to reduce whitelist lookup latency. > > I assume you are referring to the temporary whitelist. I do not see > any way to configure what is uses to store the temporary whitelist. > Is it configurable? Is there any way to share the temp whitelist > between multiple servers?
See: http://www.postfix.org/POSTSCREEN_README.html#temp_white and text linked from there. > >> have 60-120 smptd processes, with peaks as high as 320. ?Adding a > >> greeting delay will result in a lot of open connections. ?Can > >> postscreen handle this volume even with the postscreen_greet_wait > >> value of 6 seconds? ?Would I need to use drop instead of enforce on my > >> actions? > > > > postscreen does not wait 6 seconds on all connections; that > > would be a terrible mistake. > > Every connection not in the whitelist or a blacklist sees the delay, > correct? We get connections from around 250,000 different IPs per day, > most of which are blacklisted. Let them suffer. Whitelisted systems don't have to queue up behind the unwashed masses. If you thought that postscreen handles clients one by one, then that is an incorrect impression. Wietse
