On Thu, Aug 09, 2012 at 09:28:57AM -0400, Deeztek.com Support wrote:
> I have the following setup:
>
> Postfix, Amavisd-new and an email encryption gateway called djigzo
> integrated into the same system:
>
> Email flows is as follows:
>
> Postfix-
> -->10021--->Amavis--->10022---->Postfix---->10025---->Djigzo---->10026---->Postfix---->25---->Internet
>
>
> Postfix injects email to Amavis on port 10021. Amavis reinjects on
> port 10022 and then Postfix injects to the Djigzo SMTP server for
> S/MIME encryption on port 10025 which in turn reinjects on port
> 10026.
Use multiple Postfix instances.
http://www.postfix.org/MULTI_INSTANCE_README.html
configure DKIM signing only in the final output Postfix instance
that is behind the S/MIME proxy.
Also consider eliminating the middle Postfix from the mail flow.
You only need a queue between two content filters if one of them
is CPU intensive and low latency (so you want low concurrency) and
the other CPU-light and high latency (waits for lots of remote DNS
lookups, ...) so you want high concurrency. Otherwise, you can just
configure Amavis to send directly do the S/MIME proxy at the same
concurrency (the default is 20 which is the
<transport>_destination_concurrency_limit
for the content-filter transport), you can tune this to match your
requirements provided it matches the concurrency supported by
the proxy.
--
Viktor.
