* Wietse Venema <postfix-users@postfix.org>: > Wietse Venema: > > Unlike DNS lookups, the access map lookup is a blocking operation, > > and if your tcp map takes 80ms to complete (a typical trans-atlantic > > query), then you can handle only 12 connections per second, and > > make postsceen the largest performance bottleneck on the system. > > After starting work on postscreen by the middle of 2009, I soon > realized that I might have to add some postscreen-policy interface > for things that are too complex or that take too much time compared > to a quick access map lookup. Perhaps the time has come. > > Basically this would be a very small subset of the SMTP server > policy protocol with just the network 5-tuple (source/destination > address/port, protocol, client concurrency), enough to do some > simple reputation work. > > Perhaps it also makes sense for postscreen to make a postscreen-policy > call based on the information that it has collected with its dummy > SMTP engine.
That's great news! The reason Christian is using tcp tables is that there's no postscreen API to call external policy services at the moment. If there was he/we would be eager to use that instead. p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
