On Wed, Aug 02, 2017 at 07:11:23PM +0200, Marco Pizzoli wrote:
> Have a look at:
> - smtp_tls_session_cache_database <-- this is the most important thing. I
> suggest lmdb as the backing store
Yes, but Berkeley DB also works well enough in practice.
> - if you are on Linux on virtual, also to RNGD/Haveged (the second being
> the best for speed)
I don't think this is good advice. Use the default entropy source:
tls_random_source = dev:/dev/urandom
and let the kernel take care of entropy.
> - loading jemalloc as the memory allocator for all postfix processes
This is unlikely to be a bottleneck for SMTP. The default malloc should
be just fine. The only real tuning required for a dedicated upstream
is:
- Enable the client-side SMTP TLS session cache
- Make sure the upstream server supports session resumption, ideally
via session tickets, but a remote cache is also ok.
- Increase concurrency as required for the larger TLS
round-trip delay. If the average message size is large
enough, the latency increase will be small, and perhaps no
tuning is required. If the average message size is small,
a multiple of 2 or a bit more may be appropriate.
--
Viktor.
