On 1/23/2015 2:54 PM, rogt3...@proinbox.com wrote: > Noel > > On Fri, Jan 23, 2015, at 12:43 PM, Noel Jones wrote: >> Unless you're currently planning on using an after-queue content >> inspection system, > > I will be quite soon ... like I said I'll be replacing those servers. That > includes implementing filter/milters etc. I'm reading up on those in parallel >
Milters and/or pre-queue filters don't benefit from multi instances. Post-queue filters DO benefit, but they're generally avoided these days since discarding mail has gone out of style. > Load balancing and lmtp over vpns are not far behind. Load balancing is done with multiple boxes, not multi instances on the same box. LMTP & VPNs don't benefit from multi instances. > > In any case the questions for how to get Recipient Verification are pretty > much the same -- regardless of if the probes are launched from a sinlge > monolithic instance or one small/contained piece of many. The probes must come from the internet facing postfix, ie. postfix-in in your overly complicated examples. If there is an afer-queue filter or multiple instances between the internet facing postfix and the mailstore, you MUST use ONE of address_verify_relayhost, address_verify_default_transport, or address_verify_transport_maps so the verification probes can go directly to the mail store. Some applications MAY require setting more than one of these probe controls, but that's unusual. With a single instance that relays to an internal mailstore, the probe routing seldom needs special handling; if incoming mail is routed to the correct place, so are the probes. > > relay_recipient_maps = This is the default; no need to set it. > > pick the probe identity > > double_bounce_sender = double-bounce > address_verify_sender = $double_bounce_sender These have reasonable defaults; no need to set. > > set where to store the probe results and leave them persistend > > address_verify_map = lmdb:/var/lib/postfix-in/verify_cache > address_verify_cache_cleanup_interval = 0 Don't disable cache cleanup unless/until you have multiple postfix front ends sharing a single backend database. Then, leave one box doing the cleanup and set the others to zero. -- Noel Jones
