On May 27, 2012, at 10:25, David Touzeau wrote: > We are facing an problem that we cannot resolve... > Our main goal is to implement a load-balancer in front of Postfix (HaProxy). > We have made a discuss with HaProxy founder in order to implement the XCLIENT > protcol but this is difficult for him to implement such protocol. > > In other way it seems that PostScreen is not really compatible with the proxy > protocol. > > src/postscreen/postscreen.c : > > /* BUGS > /* The \fBpostscreen\fR(8) built-in SMTP protocol engine > /* currently does not announce support for AUTH, XCLIENT or > /* XFORWARD. > /* Support for AUTH may be added in the future. > > > In fact we need to Postfix be compatible with Proxy protocol in order to > store the IP address at each ends of the socket in the VSTREAM descriptor. > With this way, an other handler, before PostScreen should get the IP/Port. > > We asking if there is a way to implement a load-balancer such as HaProxy or > Crossroads without loosing IP addresses sources in order to make PostScreen > available or any blacklisting feature..
I am a tad confused; why would your load balancer need to implement the XCLIENT protocol, when load balancing SMTP generally happens at one of the layers below that? Typically at layer 3 or 4, if I am not mistaken? Also, why would you need a proxy? Unlike HTTP, SMTP does not benefit from front-end caching and the like. HTTP is a stateless, SMTP a stateful protocol? It is easily made highly available, just based on the MX records, and you can implement basic load balancing by having several MX records with the same priority, IIRC. In other words, what is the core problem you are trying to solve? Cya, Jona
