On 15/01/2023 21:21, Gerben Wierda wrote:
On 15 Jan 2023, at 22:09, Wietse Venema <wie...@porcupine.org> wrote:
It would resolve the exclusive lock. However, it make no sense to
have two postscreen services on the same physical machine exposed
to clients on the internet.
Not in stable production, agreed.
But it brings me quick changes of my setup, between either haproxy or
without haproxy.
I only have to switch one setting in the router on the router without
having to change the router and two postfix servers concurrently.
If the router port forwards 25 to either of both servers, they end up
at port 25 of those servers where they do not expect haproxy.
If the router port forwards to haproxy and haproxy connects to either
server at a port that requires proxy protocol it works as well.
So, the only thing I now have to change is to tell the router how to
forward, bot postfixes can do both ways. Single change is all it
requires. Easier.
G
There is a section in https://www.postfix.org/POSTSCREEN_README.html
describing how to share a btree cache. Is this not relevant to your need.
Paul
