On Tue, Aug 01, 2017 at 02:41:52PM -0700, mark burdett wrote:
> Hi, I was curious if there are any plans for postfix to eventually support
> SMTP connection reuse with STARTTLS.
This requires a complex outbound TLS proxy to cache the connections
in process, and handle peer authentication. Some of the work has
already been done on the inbound side to enable TLS in postscreen,
but much work remains, as outbound TLS is much more complex. This
is not likely to happen in the near term.
> After enabling TLS, postfix delivery was much slower, and packet capture
> revealed the connection reset after each message was delivered. Postfix
> documentation confirms there is no connection reuse with TLS. Unfortunately
> this dramatically slows down delivery to the relay because of the RTT
> overhead of new TCP connections.
Increased latency can be amortized with increased concurrency.
Just open more connections and the overall throughput rate will
remain the same.
Throughput = Concurrency / Latency
--
Viktor.
