> On Oct 13, 2020, at 7:33 AM, Tom Sommer <m...@tomsommer.dk> wrote:
>
> The process limit would be an overall limit on the transport?
>
> Is there a way to limit the number of concurrent connections for each
> destination IP?

No. Postfix has no mechanism for that. The only entity with a global view of the queue is the queue manager, and the queue manager has no knowledge of which IP addresses a particular nexthop will resolve to once smtp(8) tries to do a delivery.

Postfix schedules delivery of a message to a nexthop destination (domain in most cases); there is no explicit scheduling of connections. The smtp(8) delivery agent just tries one or more MX host IPs in turn, shuffling equal-priority IPs at random, but also trying to make sure that when both IPv4 and IPv6 addresses are available, some connections of each type will be made before giving up on the destination as unreachable.

A substantial redesign (unlikely to happen) of the queue manager and/or smtp(8) delivery agent would be needed in order to schedule connections, which means helper processes (and queues) for mapping a nexthop to a set of IP addresses.

One might therefore split the smtp(8) delivery agent into two parts, with MX resolution and TLS policy lookup happening separately from delivery, and the pending list of IP addresses and recipients given to a connection manager process that would orchestrate actual SMTP transactions against particular IP addresses, with appropriate per-IP concurrency limits.

But this has implications for the queue manager, because now a delivery attempt may be sitting for a while in a downstream queue, waiting for a connection slot. The resolution half of the delivery agent can't report completion of the job, but having it blocked waiting for a connection introduces potential bottlenecks.

This design space has not been explored.

--
Viktor.