Hello, I've got 3 machines running postfix 2.11-20131001. Incoming connections are balanced via haproxy (and postscreen_upstream_proxy_protocol=haproxy). Right now each postfix instance has its own postscreen_cache_map. Everything works fine.
I thought I could share the cache among all nodes using memcache with postscreen_cache_cleanup_interval left to default and with the persistent btree backup specified. Something like: # main.cf postscreen_cache_map = memcache:/etc/postfix/postscreen_cache.cf # postscreen_cache.cf memcache = inet:10.11.12.13:11211 key_format = postscreen:%s backup = btree:/var/lib/postfix/postscreen_cache ttl = 86400 The idea is that each postscreen would attempt to clean the addresses it iterates from the respective persistent backup (and remove it from both btree and memcache). In case of crashed / dead node the memcache TTL would take care of any leftovers. Would something like this work? And would the postscreen cache logic remain intact? I have read [1] and [2], but I didn't see it neither mention nor forbid such setup. Did I overlook something? BTW, in case of non-persistent memcache ([1], section "Sharing the temporary whitelist", example 1). How does postscreen behave when the memcached becomes inaccessible (crash, network problem, ...)? Is the practical outcome as with empty postscreen_cache_map (plus timeout / error logged)? [1] http://www.postfix.org/POSTSCREEN_README.html [2] http://www.postfix.org/memcache_table.5.html Thanks, -- hodor
