On Mon, 2021-05-31 at 16:18 -0400, Wietse Venema wrote: > Jim Popovitch: > > Hello, > > > > If given hostname that resolves to multiple A/AAAA records, will > > smtpd_milters=inet:... cycle through all A/AAAA records until if > > finds a host that it can connect to? > > Postfix will try each IP address (as returned from getaddrinfo(3)) > until it can establish a TCP connection. Postfix does not randomize > the order of these IP addresses, and it does not reconnect (and > replay a session) when an established Milter connection goes bad.
Thanks for that detail. > > If so, does it make sense to reduce milter_connect_timeout to 10 > > or 15 seconds? > > When does it make sense to run Postfix and Milters in different > failure domains? I have no experience with such configurations. My thought is that having 2+ content filter endpoints could increase postfix's resiliency if a rules update or processing hack corrupt the process the milter is calling. -Jim P.
