Discussion:
Use relayhost and also DNS based routing
(too old to reply)
Ram
2016-05-04 06:09:48 UTC
Permalink
I have a postfix relay server that sends all mails to a relayhost.
Problem is that some domains , whose MX is all same, are not accepting
mails from that relayhost for now.

Until that issue is resolved I want to route all such domains mails (
where MX is pointing to a particular host ) via a different network.
I dont have a list of all such domains , only the MX host is known

Can there be any such configuration in postfix


Thanks
Ram
Viktor Dukhovni
2016-05-04 07:13:39 UTC
Permalink
Post by Ram
I have a postfix relay server that sends all mails to a relayhost.
Problem is that some domains , whose MX is all same, are not accepting
mails from that relayhost for now.
Until that issue is resolved I want to route all such domains mails ( where
MX is pointing to a particular host ) via a different network.
I dont have a list of all such domains , only the MX host is known
Can there be any such configuration in postfix
You'd need a socketmap-based transport(5) table, with the daemon
serving the socket doing the MX lookups and deciding what to do.
If the MX lookup temp-fails, you'd need to return "retry:4.1.2 MX
resolution failed" as the transport. (You could also use "tcp"
tables, but the "socketmap" protocol is somewhat better).

Transport lookup needs to be low-latency, so the daemon needs to
be capable of processing many requests in parallel, and needs to
consolidate multiple requests for the same domain while the answer
is still pending).

Unfortunately, transport(5) lookups in qmgr(8) are single-threaded,
so you're going to see a significant throughput penalty for doing
this. Your queue manager may stall for multiple seconds delivering
no mail. This is only suitable for low-volume senders.

To support this properly the Postfix queue manager would need to
be redesigned to load messages into the active queue in parallel,
with multiple front-end servers reading queue files and doing
transport queries, and only delegating work to "the one" qmgr that
only does scheduling and does not block doing file I/O or transport
lookups.

Such a re-design would be a major undertaking.

Another approach would be a content filter or pre-queue proxy filter
that rewrites addresses whose domains have the special MX hosts.
Because there can be many parallel proxy or content filters, the
latency cost of lookups for slow domains will be ammortized across
a wide pool of concurrent processes.

The rewritten addresses would then be forwarded to a second Postfix
instance and returned to their original form in the process. The
second instance would do MX-based routing and bypass the relayhost.
--
Viktor.
/dev/rob0
2016-05-04 14:26:42 UTC
Permalink
Post by Viktor Dukhovni
Post by Ram
I have a postfix relay server that sends all mails to a relayhost.
Problem is that some domains , whose MX is all same, are not accepting
mails from that relayhost for now.
Until that issue is resolved I want to route all such domains mails ( where
MX is pointing to a particular host ) via a different network.
I dont have a list of all such domains , only the MX host is known
Can there be any such configuration in postfix
You'd need a socketmap-based transport(5) table, with the daemon
serving the socket doing the MX lookups and deciding what to do.
If the MX lookup temp-fails, you'd need to return "retry:4.1.2 MX
resolution failed" as the transport. (You could also use "tcp"
tables, but the "socketmap" protocol is somewhat better).
What about a check_recipient_mx_access lookup and a FILTER result? I
suppose that fails for multiple recipients where one or more of them
are not at that MX host.
--
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Ram
2016-05-04 14:39:56 UTC
Permalink
Post by Viktor Dukhovni
Post by Ram
I have a postfix relay server that sends all mails to a relayhost.
Problem is that some domains , whose MX is all same, are not accepting
mails from that relayhost for now.
Until that issue is resolved I want to route all such domains mails ( where
MX is pointing to a particular host ) via a different network.
I dont have a list of all such domains , only the MX host is known
Can there be any such configuration in postfix
You'd need a socketmap-based transport(5) table, with the daemon
I have been trying to get an example of a socketmap daemon , which
postfix can talk to for a transport.
The man page of socketmap describes the usage but I couldnt find where
we get the socketmap code



Can you please give me pointers , of how this is implemented
Post by Viktor Dukhovni
serving the socket doing the MX lookups and deciding what to do.
If the MX lookup temp-fails, you'd need to return "retry:4.1.2 MX
resolution failed" as the transport. (You could also use "tcp"
tables, but the "socketmap" protocol is somewhat better).
Transport lookup needs to be low-latency, so the daemon needs to
be capable of processing many requests in parallel, and needs to
consolidate multiple requests for the same domain while the answer
is still pending).
Unfortunately, transport(5) lookups in qmgr(8) are single-threaded,
so you're going to see a significant throughput penalty for doing
this. Your queue manager may stall for multiple seconds delivering
no mail. This is only suitable for low-volume senders.
To support this properly the Postfix queue manager would need to
be redesigned to load messages into the active queue in parallel,
with multiple front-end servers reading queue files and doing
transport queries, and only delegating work to "the one" qmgr that
only does scheduling and does not block doing file I/O or transport
lookups.
Such a re-design would be a major undertaking.
Another approach would be a content filter or pre-queue proxy filter
that rewrites addresses whose domains have the special MX hosts.
Because there can be many parallel proxy or content filters, the
latency cost of lookups for slow domains will be ammortized across
a wide pool of concurrent processes.
The rewritten addresses would then be forwarded to a second Postfix
instance and returned to their original form in the process. The
second instance would do MX-based routing and bypass the relayhost.
Locojohn
2020-11-17 11:26:47 UTC
Permalink
Post by Ram
Can you please give me pointers , of how this is implemented
I am also interested to see an example. Fast-forward 4 years and I am having the same issue: check_recipient_mx_access with a FILTER works for a single recipient, but when multiple recipients are specified in mail, it does not work correctly PER recipient.
Continue reading on narkive:
Loading...