> > > Since the bottleneck is SA and not Postfix you should rather use > > > load balancing for the internal forwarding to amavisd-new and > > > distribute the load of content scanning to different machines. > > > > It could be a reasonable remark.. > > > > > Set in master.cf of postfix for example -o > > > content_filter=amavisd-new:amavis.domain.tld:10024 > > > > > > amavis.domain.tld can also be a MX record. If all amavisd-new > > > processes on the machine with the highest priority are in use, > > > postfix should automatically forward the mail to the box with the > > > successive priority. > > > > If I have server SMTP gateway server, how could I tell to > postfix to > > route one message to one of them (eg: suppose that I have 3 smtp > > gateway, say IP1, IP2, IP3, then how could I tell to > postfix that mail > > received must be rerouted to amavisd-new on one of the machine IP1, > > IP2 or IP3?)? > > Either by using DNS round robin for amavis.domain.tld with > IP1, IP2, IP3 or by using MX records with three entries for > amavis.domain.tld as described above > > > > With > > > $forward_method = 'smtp:*:10025'; > > > in amavisd.conf amavis will forward the scanned message > back to the > > > originating postfix server and you can share several amavis > > > installations on more than one SMTP gateway making it possible to > > > use also round robin for your SMTP gateways.
Sorry, Please, could you be more clear? I have n SMTP gateway server (Postfix+MySQL+Amavisd-new). The amavisd-new socket is bound on the localhost interface, so it will never accept connection from another SMTP gateway: tcp 0 0 127.0.0.1:10024 0.0.0.0:* LISTEN Should I make Amavisd-new listen on *? The same problem for reinjection socket.. What cause this in terms of security? Finally, where I have exactly to put: content_filter=amavisd-new:amavis.domain.tld:10024 in master.cf? > > > > My only fear is that a such approach could icrease > drastically the DMZ > > network traffic.. :-( > > You're simply doubling the number of mails transferred within > your network. > As long as your network load isn't already at 50% this > shouldn't be a problem. mmh.. I have to verify.. Any idea on how? rocsca ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
