Re: Make smtpd/Postscreen compatible with load balancers

Sun, 27 May 2012 11:57:52 -0700 

On Sun, May 27, 2012 at 12:21:49PM +0200, DTNX Postmaster wrote:

> Also, why would you need a proxy? Unlike HTTP, SMTP does not benefit 
> from front-end caching and the like. HTTP is a stateless, SMTP a 
> stateful protocol? It is easily made highly available, just based on 
> the MX records, and you can implement basic load balancing by having 
> several MX records with the same priority, IIRC.

I concur. Postscreen is only needed in front of public MX hosts to
reduce hogging of the SMTP service by ratware. On public MX hosts,
you can use a proxy that sits in the network path between the
outside world and the MX hosts, in which case the proxy will not
rewrite the source IP and no XCLIENT is required.

Or you can use a proxy like F5 that can implement XCLIENT (the F5
can perform an programmable initial chat-script before handing
the client stream to the server).

Finally, no postscreen is needed in front of submission servers.

So you can choose proxies that don't rewrite the layer 3 IP address,
proxies that do, but can do XCLIENT. Or multiple MX hosts with no
proxies at all:

        example.com. IN MX 0 mx1.example.com.
        example.com. IN MX 0 mx2.example.com.
        example.com. IN MX 0 mx3.example.com.
        example.com. IN MX 0 mx4.example.com.
        ;
        mx1.example.com. IN A 192.0.2.1
        mx1.example.com. IN A 192.0.2.2
        mx1.example.com. IN A 192.0.2.3
        mx1.example.com. IN A 192.0.2.4
        ;
        mx2.example.com. IN A 192.0.2.5
        mx2.example.com. IN A 192.0.2.6
        mx2.example.com. IN A 192.0.2.7
        mx2.example.com. IN A 192.0.2.8
        ;
        mx3.example.com. IN A 192.0.2.9
        mx3.example.com. IN A 192.0.2.10
        mx3.example.com. IN A 192.0.2.11
        mx3.example.com. IN A 192.0.2.12
        ;
        mx4.example.com. IN A 192.0.2.13
        mx4.example.com. IN A 192.0.2.14
        mx4.example.com. IN A 192.0.2.15
        mx4.example.com. IN A 192.0.2.16

The above gets you 16 MX hosts with no load balancers required.
You only need load balancers when you start to get to the size
of Google, Hotmail, ... and they use DNS load-balancers, that
return geo-proximate IPs for the MX host or any-cast IPs. There
is likely a second layer of load-balancing below the DNS layer
at that scale, but very few sites need either.

-- 
        Viktor.

Reply via email to