On 8/9/2012 6:16 PM, Viktor Dukhovni wrote:
On Thu, Aug 09, 2012 at 05:11:49PM -0400, Deeztek.com Support wrote:
So at this time you are recommending two separate machines instead
of two instances on the same machine?
No, I am recommending two instances per machine, one before the
filters, and one after
Separately, I am recommending two sets of machines, one set for
inbound mail and another for outbound. These can be VMs if you
prefer.
You can configure multiple groups of Postfix instances on a single
machine with two instances for inbound mail and another two for
outbound, but this becomes difficult because you need multiple IP
addresses to separate the inbound and outbound input instances and
or you need to convince all the SMTP clients sending mail out to
use a port other than 25 for outbound mail via the gateway.
If you have multiple IP addresses, or can freely choose a non-default
port, a single machine may be more convenient in some cases. Which
works better depends on how you do configuration management.
This is certainly not simpler then. Would this work instead for the DKIM
signing? Instead of setting the milters on main.cf, could I set it
master.cf as follows:
*smtp inet n - n - - smtpd
submission inet n - n - - smtpd
-o smtpd_milters=inet:127.0.0.1:8891
amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
127.0.0.1:10022 inet n - - - - smtpd
-o content_filter= smtp:127.0.0.1:10025
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1*
I know I haven't removed the middle postfix in the mailflow as per your
suggestion yet, but would the above work?
