A.Schulze via Postfix-users:
> Hello & a happy new year to all ...
>
> following the discussion 'Automatic migration to non-Berkeley DB', I checked
> my configuration.
> Mostly, I use cdb or databases. I've only some places, where
> 'hash/btree/ldmb' is used at all:
> - address_verify_map
> - smtp_tls_session_cache_database
> - postscreen_cache_map
>
> While using a cache file is default for 'address_verify_map' and
> 'postscreen_cache_map',
> 'smtp_tls_session_cache_database' was configured by myself.
Support for TLS session caches was added to Postfix 2.2 when I
adopted Lutz Jaenicke's TLS code. This was at a time that Postfix
by default did not maintain on-disk caches. Caches with DBM and
SDBM did not work, and I wasn't confident that Berkeley DB was good
enough. For this reason the tlsmgr daemon was designed to clear its
on-disk caches at start-up time so that it would not get into
crash-restart-loop when a cache becomes corrupted.
The postscreen and verify daemons share a different cache implementation;
they have had on-disk caches by default starting in Postfix 2.7.
The TLS session cache support was never updated. It should use the same
kind of storage as postscreen and verify.
Wietse
> https://www.postfix.org/postconf.5.html#smtp_tls_session_cache_database say
> > default: empty
>
> Viktor wrote [1] some days ago:
>
> > the best thing to do, as with most of the cryptographic
> > parameters, is to leave them at their default values.
>
> So, I like to ask if/when it makes sense to use
> 'smtp_tls_session_cache_database'
> Maybe the empty default can save me from some future trouble...
>
> Andreas
>
> [1] https://marc.info/?l=postfix-users&m=176760321210985
>
> _______________________________________________
> Postfix-users mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
>
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
