Discussion:
postfix transport relay vs smtp for gateway
(too old to reply)
Kevin Baker
2004-09-08 16:56:58 UTC
Permalink
We are running a spam virus gateway for an exchange box.
postfix+amavis-new+spamassassin+clamav+mysql

MX for the domain is set to send mail through our machine.
The transports in /etc/postfix/transport then send it on
over to the primary mailserver using the [brackets] to
avoid MX lookup.

Works great... question though.

Should I be using a relay or smtp transport setting?


Example from the /etc/postfix/transport:

mydomain.com relay:[real mailserver ip]

#or#

mydomain.com smtp:[real mailserver ip]



Thanks,

Kevin
Magnus Bäck
2004-09-08 17:12:01 UTC
Permalink
On Wednesday, September 08, 2004 at 18:47 CEST,
Post by Kevin Baker
We are running a spam virus gateway for an exchange box.
postfix+amavis-new+spamassassin+clamav+mysql
MX for the domain is set to send mail through our machine.
The transports in /etc/postfix/transport then send it on
over to the primary mailserver using the [brackets] to
avoid MX lookup.
Works great... question though.
Should I be using a relay or smtp transport setting?
With different transports you can use different settings for process,
concurrency and/or recipient limits, or whatever options you might want
to override for the relay transport. With the qmgr or Postfix 2.0 (oqmgr
in 2.1), inbound mail would be penalized compared to outbound mail on
a very heavily loaded system. I don't think this is a issue with the
Postfix 2.1 qmgr (nqmgr in 2.0), which implements a different queue
scheduling algorithm (see SCHEDULER_README).

So unless you have performance problems or need more fine-grained
control of the SMTP client settings used it doesn't really matter
what you choose.

[...]

--=20
Magnus B=E4ck
***@dsek.lth.se
Victor Duchovni
2004-09-08 17:24:18 UTC
Permalink
Post by Kevin Baker
MX for the domain is set to send mail through our machine.
The transports in /etc/postfix/transport then send it on
over to the primary mailserver using the [brackets] to
avoid MX lookup.
Should I be using a relay or smtp transport setting?
mydomain.com relay:[real mailserver ip]
mydomain.com smtp:[real mailserver ip]
Use "relay". This avoids contention for delivery agents
between inbound and outbound mail and allows separate
tuning of timeouts, concurrency, ... For low volume
sites with working recipient validation, the below is
overkill, but indicates the resulting flexibility.

main.cf:
# No need for transport table if all relay domains are
# served by a single set of machines.
#
relay_transport = relay:[in.bound.relay]

# Allow greater concurrency for inbound mail, and
# don't split mail unnecessarily if the inbound
# relay permits 1000 recipients.
#
relay_destination_concurrency_limit = 100
relay_destination_recipient_limit = 1000

# With multiple inbound relays fail to an alternate relay
# faster.
#
relay_connect_timeout = 2s
relay_helo_timeout = 2s

# If running Postfix 2.2-20040829 or later:
# With caching, a lower concurrency limit is likely enough,
# so perhaps reduce that from 100 to 50 or just leave at
# the default of 20.
#
relay_connection_cache_destinations = in.bound.relay

master.cf:
relay ... smtp
-o smtp_connect_timeout=$relay_connect_timeout
-o smtp_helo_timeout=$relay_helo_timeout
--
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:***@postfix.org?body=unsubscribe%20postfix-users>
Kevin Baker
2004-09-08 17:31:57 UTC
Permalink
This is great... thanks for the reply..

Can you clarify the master.cf conf below... as in the
"relay ... smtp"?


<snip>
Post by Victor Duchovni
relay ... smtp
-o smtp_connect_timeout=3D$relay_connect_timeout
-o smtp_helo_timeout=3D$relay_helo_timeout
--
Viktor.
Thanks again,

Kevin
Victor Duchovni
2004-09-08 17:37:21 UTC
Permalink
Post by Victor Duchovni
relay ... smtp
-o smtp_connect_timeout=$relay_connect_timeout
-o smtp_helo_timeout=$relay_helo_timeout
Can you clarify the master.cf conf [above]... as in the
"relay ... smtp"?
In master.cf, you find an entry for a service named "relay"
which is implemented by the "smtp" daemon:

# grep relay /etc/postfix/master.cf
relay unix - - n - - smtp

It is wasteful to spell out all the flags, but sadly also wasteful not to,
in the cases when this is not clear.
--
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:***@postfix.org?body=unsubscribe%20postfix-users>
Kevin Baker
2004-09-08 17:47:36 UTC
Permalink
Sorry I'm sure a simple glance at master.cf would have
shown me what you sent ;)

This is very helpful..
[scratched an itch that was bugging me]

Thanks again,

Kevin
On Wed, Sep 08, 2004 at 10:22:29AM -0700, Kevin Baker
Post by Victor Duchovni
relay ... smtp
-o smtp_connect_timeout=3D$relay_connect_timeout
-o smtp_helo_timeout=3D$relay_helo_timeout
Can you clarify the master.cf conf [above]... as in the
"relay ... smtp"?
In master.cf, you find an entry for a service named
"relay"
# grep relay /etc/postfix/master.cf
relay unix - - n - -
smtp
It is wasteful to spell out all the flags, but sadly also
wasteful not to,
in the cases when this is not clear.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get
ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
Loading...