On Mon, 2021-05-31 at 18:20 -0400, Wietse Venema wrote: > Jim Popovitch: > > On Mon, 2021-05-31 at 16:18 -0400, Wietse Venema wrote: > > > Jim Popovitch: > > > > Hello, > > > > > > > > If given hostname that resolves to multiple A/AAAA records, will > > > > smtpd_milters=inet:... cycle through all A/AAAA records until if > > > > finds a host that it can connect to? > > > > > > Postfix will try each IP address (as returned from getaddrinfo(3)) > > > until it can establish a TCP connection. Postfix does not randomize > > > the order of these IP addresses, and it does not reconnect (and > > > replay a session) when an established Milter connection goes bad. > > > > Thanks for that detail. > > > > > > If so, does it make sense to reduce milter_connect_timeout to 10 > > > > or 15 seconds? > > > > > > When does it make sense to run Postfix and Milters in different > > > failure domains? I have no experience with such configurations. > > > > My thought is that having 2+ content filter endpoints could increase > > postfix's resiliency if a rules update or processing hack corrupt the > > process the milter is calling. > > That would not solve your problem. > > Postfix will try each IP address in the order as returned from > getaddrinfo(3) until it can establish a TCP connection. Postfix > will not reconnect when an established Milter connection goes bad. > For example, the Milter does not respond, or produces bad responses.
Right, I got that from your earlier post, thank you again. Would you be interested in a patch or some idea on how to make that more robust? -Jim P.
