[Mimedefang] [PATCH] Have real load sharing between milters

Tue, 05 Sep 2006 16:07:11 -0700 


Hi all,

We use several mimedefang milter servers in parallel. Sendmail makes
it easy, and bind helps us with round robin host milter defines.

But after one of the milters have been shut down, we found out
that DNS round robin with bind sucks.

I'll explain why it sucks.

Let's say we have three milters, then bind answers us
only three possible results:

1)

milter.        172800  IN      A       10.0.0.1
milter.        172800  IN      A       10.0.0.2
milter.        172800  IN      A       10.0.0.3

2)

milter.        172800  IN      A       10.0.0.2
milter.        172800  IN      A       10.0.0.3
milter.        172800  IN      A       10.0.0.1

3)

milter.        172800  IN      A       10.0.0.3
milter.        172800  IN      A       10.0.0.1
milter.        172800  IN      A       10.0.0.2

Do you see whats wrong ? The first entry is always randomized, but
the following entries are not, they are sorted ascending. So let's
imagine milter 10.0.0.3 has crashed. Then all requests to 157.161.9.21
are beeing redirected to filter 10.0.0.1 since sendmail just takes the
next ip following 10.0.0.3.

Filter 10.0.0.1 ends then with 2/3 of all connections, 10.0.0.2
with 1/3. This is IMHO unusable and may lead to tempfails and long
delay on filtered emails.

There are also DNS implementations which behave totally static, like one
famous from Microsoft. The order it uses is always the same. Of course, there
are also different implementations which behave more random-friendly and would
make that patch unneccessary. But the patch is written for bind users in the
first place :-)

Anyway, I've made a patch to sendmail to fix this problem independent
from DNS:

http://antispam.imp.ch/patches/patch-sendmail-milterrandom

If you find any bugs just tell me :-)

Martin

Martin Blapp, <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
------------------------------------------------------------------
ImproWare AG, UNIXSP & ISP, Zurlindenstrasse 29, 4133 Pratteln, CH
Phone: +41 61 826 93 00 Fax: +41 61 826 93 01
PGP: <finger -l [EMAIL PROTECTED]>
PGP Fingerprint: B434 53FC C87C FE7B 0A18 B84C 8686 EF22 D300 551E
------------------------------------------------------------------

_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Reply via email to