Victor Duchovni:
> On Wed, Feb 04, 2009 at 12:24:23PM -0500, Wietse Venema wrote:
>
> > Victor Duchovni:
> > > [ Wietse is it safe to move queue files active -> hold -> incoming in
> > > a short time? Could some recipients be delivered twice by two delivery
> > > agents in parallel (both deliveries starting after the second incoming
> > > to active transition)? ]
> >
> > Each delivery agent holds a read lock on the file that it delivers
> > mail from. This will keep the queue manager from scheduling new
> > deliveries. The mechanism prevents duplicate deliveries after
> > "postfix reload" + "postfix flush".
>
> Yes, this solves the queue-manager reload problem, because the active
> queue is empty when the queue-manager reloads. In the new scenario,
> the active queue is not empty, and an active file is "surreptitiously"
> moved (multiple quick steps) to "incoming". If all the recipients
> are at busy destinations, there may not (yet) be any delivery agent
> locks, and the file could enter the queue a second time.
>
> Is this possible?

Perhaps. This would require a hash of queue IDs, which can be hidden
entirely behind qmgr_message_mumble(). It's peanuts compared to
what happened when nqmgr introduced one hash table per "job".

Wietse
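
Added example, not part of the thread and not Postfix code: it shows that a lock probe on the queue file only sees a message once a delivery agent holds its read lock, and that a table of in-memory queue IDs catches a second admission regardless. The use of flock(2), the function names, the fixed-size table, the temporary file and the queue ID are all assumptions made for illustration.

```c
/* Added illustration, not Postfix source; flock(2) and the ID table are assumptions. */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/file.h>
#include <unistd.h>

static char seen_ids[64][32]; static int n_seen;  /* queue IDs already in memory */
/* Queue-manager side: 1 if another descriptor holds a lock, 0 if none. */
int file_is_locked(const char *path)
{
    int fd = open(path, O_RDWR);
    if (fd < 0) return -1;
    int busy = flock(fd, LOCK_EX | LOCK_NB) < 0;
    close(fd);                          /* also drops our lock if we got it */
    return busy;
}
/* Delivery-agent side: open the queue file and hold a shared (read) lock. */
int agent_open_locked(const char *path)
{
    int fd = open(path, O_RDONLY);
    if (fd >= 0 && flock(fd, LOCK_SH) < 0) { close(fd); fd = -1; }
    return fd;
}
/* ID check: 1 if newly admitted, 0 if already in memory, -1 if table full. */
int admit_queue_id(const char *id)
{
    for (int i = 0; i < n_seen; i++)
        if (strcmp(seen_ids[i], id) == 0) return 0;
    if (n_seen == 64) return -1;
    snprintf(seen_ids[n_seen++], sizeof seen_ids[0], "%s", id);
    return 1;
}

int main(void)
{
    char path[] = "/tmp/qfXXXXXX";      /* constructed sample queue file */
    int tmp = mkstemp(path);
    if (tmp < 0) return 1;
    close(tmp);
    int before = file_is_locked(path);  /* no agent yet: probe sees nothing */
    int agent = agent_open_locked(path);
    int during = file_is_locked(path);  /* agent's read lock is now visible */
    close(agent);
    int first = admit_queue_id("4F2A91C0"), again = admit_queue_id("4F2A91C0");
    printf("locked %d -> %d, admit %d -> %d\n", before, during, first, again);
    unlink(path);
    return 0;
}
```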