Wietse Venema wrote:
Michael Moritz:
This is a problem we came upon while setting up the split MX (described
earlier on this list). On the the smtp gateway I have this in master.cf
smtp inet n - - - 20 smtpd
-o cleanup_service_name=pre-cleanup
-o smtpd_proxy_filter=127.0.0.1:10024
-o smtpd_client_connection_count_limit=10
-o content_filter=
# -o content_filter=127.0.0.1:10024
To switch between before/after filters depending on load, use
the Postfix 2.5 stress-dependent feature.
smtp inet n - - - 20 smtpd
-o smtpd_proxy_filter=${stress:127.0.0.1:10024}
-o content_filter=${stress?127.0.0.1:10024}
This, of course, requires that the filter can handle both cases.
In particular, the filter cannot reject mail.
In the case of amavisd-new, one could use policy banks to
define different behavior (reject when it's a proxy, tag+pass
when a content_filter) based on the injection port number.
smtp inet n - - - 20 smtpd
-o smtpd_proxy_filter=${stress:127.0.0.1:10024}
-o content_filter=${stress?127.0.0.1:10026}
See amavsid.conf-sample and the release notes for full details
on setting amavisd-new policy banks and adjusting final_{spam,
virus, bad_header}_destiny in each policy.
This still has the problem that only a limited number of smtpd
processes can be configured, but a cool idea regardless.
--
Noel Jones
