> On Jun 25, 2018, at 9:39 AM, Olaf313 <olaf.lind...@ineos.com> wrote:
>
> for a period of time we need to route ~ 2.000 mail addresses to our old
> system.
> I would add those addresses into the transport file like
>
> na...@domain.com smtp:system.fqdn.com
> ....
> name2...@domain.com smtp:system.fqdn.com
>
> Will the larger transport file now affect the performance of the Postfix
> server ?
I generally prefer to do traffic splitting via address
rewriting, rather than per-user transport entries.
This enables the use of remote data sources (LDAP, SQL, ...)
without creating a performance bottleneck. If your transport
table stays *local* (an indexed file) you can of course
use that and it'll perform very well. Consider "cdb"
rather than "hash" or "btree" (more stable on disk
format and API).
To this with rewriting I use:
virtual:
us...@example.com user1@store1.example
us...@example.com user2@store2.example
generic:
user1@store.example us...@example.com
user2@store.example us...@example.com
main.cf:
indexed = $default_database_type:$config_directory/
virtual_alias_maps = ${indexed}virtual
relay_generic_maps = ${indexed}generic
transport:
store1.example relay
store2.example relay
master.cf:
relay unix ... smtp
-o smtp_generic_maps=$relay_generic_maps
Note, that enabling "smtp_generic_maps" causes header
rewriting on output, which can affect DKIM signature
validity when the headers are out of spec. Presumably,
if you use DKIM signing at all, it happens in the
outbound direction, and does not use the "relay"
transport. On the inbound direction, DKIM is normally
verified at the edge, and Authentication-Results added.
However, if you're then forwarding to an external mailbox
provider, and it is necessary to avoid avoidable DKIM
signature breakage, then "smtp_generic_maps" may not be
suitable. Unfortunately, we don't yet have an
"smtp_generic_classes" to restrict output rewriting to
just envelope recipients.
--
Viktor.
