Thanks for the detailed replies. Yes we had the feeling that this task would
be non trivial to put it mildly. We need to decide how we will proceed based
on the this info. Again Thanks
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Problem-with-TLS-and-multiple-emails-ove
> On Dec 13, 2016, at 11:05 AM, Wietse Venema wrote:
>
>
> In principle, tlsproxy can handle this, but using a proxy would
> only move the persistent connections from SMTP clients to proxy
> processes. Delegation just means that the problem has to be solved
> elsewhere :-(
Yes, that just solve
Viktor Dukhovni:
> This requires figuring out how to split-up the TLS client code
> connection setup to do event-based handshake completion (as was
> done for TLS proxy in the SMTP server). There would be a small
> pool of proxy processes, likely more than 1, but ideally many
> fewer than the numb
> On Dec 13, 2016, at 6:58 AM, Stefan Moravcik wrote:
>
> We are not a C development house but have some individuals with a lot of C
> experience that have looked at the code. There are a number of approaches
> that could be taken to help. One of the obvious simple ones for us is to
> keep a con
Please, use TLS session tickets. They eliminate the need for costly
per-connection TLS handshakes. This feature was introduced almost
three years ago with Postfix 2.11.
This won't help when you need to deliver mail to an ancient plaform,
but I'm afraid that complex workarounds for ancient platform
I was wondering if there was any updated information available on this issue
as it is beginning to impact us a lot.
Our situation is a bit unique in that we send large batches of emails to a
single domain on a regular basis. Our customers are using our system to send
emails to themselves. We find
On Fri, Mar 21, 2014 at 03:50:24PM +0100, Stefan Moravcik wrote:
> I am trying to accomplish a connection cache for TLS. I set it up for non -
> TLS connections and it works just great.
The Postfix connection cache moves file descriptors between processes.
Unfortunately, the OpenSSL library does
