Hello,

I've been trying to simplify our multi-instance Postfix setup,
however, I'm wondering whether it's actually possible. So I
was wondering if anyone could tell me whether my idea is futile
or could actually work.

Let me explain.

We run SMTP services for multiple organisations on a cluster
of systems. Each of those organisations has two inbound smtpd
processes provisioned (using their own unique port numbers).
One is for plain SMTP and one is for TLS. Both have custom
settings, e.g. for SSL certificates, hostnames, etc.

This configuration is duplicated on each system in the cluster and
load balancers route inbound traffic from a customer's service IP
to one of those smtpd process ports.

That's all pretty straightforward and works as expected.

However, where separating outbound traffic is concerned things
get interesting. For most of our customers, this is of no
concern, outbound traffic is simply routed through the main
system's IP address, regardless of which inbound process has
accepted it.

There are a few clients however for which we source outbound
traffic from a different IP address. This is currently done
by handling these in a separate postfix instance, with their
own queue directory, configuration, etc.

However, this adds some unnecessary complexity and administration
burden. While implementing another change, I got the idea to
try to integrate this into a single instance, while still
maintaining different queues.

I can't seem to find any documentation on whether this is even
possible.

I have tried duplicating the "cleanup" and "qmgr" and "rewrite"
services in master.cf with a duplicate one, and using the
-o queue_directory and -o ..._service_name and -o default_transport
parameters to separate traffic flows.

However, this doesn't seem to work as I would have expected it to:

Oct 17 17:49:41 smtp01 postfix/qmgr[72891]: warning: connect #2 to subsystem private/rewrite_cust1: No such file or directory

Is this a futile attempt and will postfix simply not tolerate
multiple cleanup/qmgr/rewrite processes in a single instance?

By the way: it would be a much cleaner solution if one were able
to stick tags to e-mails in -for example- the smtpd process. If
those tags would be retained while the message is in-queue qmgr
could then be configured to make outbound routing decisions based
on these tags, instead of just based on the sender.

For reference, I've tried the following:

<ip>:26      inet  n       -       n       -       -       smtpd
        -o smtpd_proxy_filter=127.0.0.1:11000
        -o smtpd_tls_cert_file=/etc/postfix/ssl/cust1.crt
        -o smtpd_tls_key_file=/etc/postfix/ssl/cust1.key
        -o myhostname=smtp01.cust1.nl
        -o myorigin=smtp01.cust1.nl
        -o mydestination=smtp01.cust1.nl
        -o syslog_name=postfix_cust1
        -o queue_directory=/data/postfix-pt-smtp
        -o queue_service_name=qmgr_cust1
        -o cleanup_service_name=cleanup_cust1
<ip>:10026      inet  n       -       n       -       -       smtpd
        -o smtpd_tls_wrappermode=yes
        -o smtpd_proxy_filter=127.0.0.1:11000
        -o smtpd_tls_cert_file=/etc/postfix/ssl/cust1.crt
        -o smtpd_tls_key_file=/etc/postfix/ssl/cust1.key
        -o myhostname=smtp01.cust1.nl
        -o myorigin=smtp01.cust1.nl
        -o mydestination=smtp01.cust1.nl
        -o syslog_name=postfix_cust1 
        -o queue_directory=/data/postfix-cust1
        -o queue_service_name=qmgr_cust1
        -o cleanup_service_name=cleanup_cust1
        -o rewrite_service_name=rewrite_cust1
cleanup_cust1   unix  n       -       n       -       0       cleanup
        -o syslog_name=cleanup_cust1
        -o queue_directory=/data/postfix-cust1
        -o queue_service_name=qmgr_cust1
        -o cleanup_service_name=cleanup_cust1
        -o rewrite_service_name=rewrite_cust1
qmgr_cust1      fifo  n       -       n       300     1       qmgr
        -o queue_service_name=qmgr_cust1
        -o queue_directory=/data/postfix-cust1
        -o queue_service_name=qmgr_cust1
        -o cleanup_service_name=cleanup_cust1
        -o rewrite_service_name=rewrite_cust1
rewrite_cust1   unix  -       -       n       -       -       trivial-rewrite
        -o queue_service_name=cleanup_cust1
        -o queue_directory=/data/postfix-cust1
        -o queue_service_name=qmgr_cust1
        -o cleanup_service_name=cleanup_cust1
        -o rewrite_service_name=rewrite_cust1
        -o default_transport=smtp_cust1
smtp_cust1      unix  -       -       n       -       -       smtp
        -o queue_service_name=smtp_cust1
        -o smtp_bind_address=<outbound IP>
        -o smtp_helo_name=smtp.cust1.nl
        -o myhostname=smtp01.cust1.nl
        -o queue_directory=/data/postfix-cust1
        -o queue_service_name=qmgr_cust1
        -o cleanup_service_name=cleanup_cust1
        -o rewrite_service_name=rewrite_cust1
        -o default_transport=smtp_cust1


Kind regards,

Roel Bouwman.
