Autor: David Woodhouse Data: A: exim-users Assumpte: [Exim] Exim instances sharing db directory.
I'd like to make two separate instances (configurations) of Exim share
the same spool/db/ directory, specifically because I want them to share
callout cache data. Since there's already locking against multiple
processes of the _same_ configuration, would I be right in thinking this
is safe?
To preempt the questions about why I want it....
I have a static IP address and domain name from my ISP. The ISP has MX
records for that domain pointing to its own servers, which will attempt
to deliver the mail directly to me via SMTP whenever I'm dialled up.
The ISP does not have a timeout on queued messages -- or if it does,
it's a _long_ timeout before messages are bounced. This is because the
system is designed to allow very infrequent dialup, and the mail is also
fetchable by POP3; it's not _just_ a standard mail queue.
If my Exim issues a temporary reject due to sender verification, the
offending mail remains on the ISP's mail queue for me. Eventually these
mails build up, causing real mail to get delayed.
My solution to this is to install one Exim instance listening on the
public IPv4 address, which has all the same SpamAssassin and sender
verification checks except for the addition of defer_ok. It forwards
(with recipient verification callouts) to the 'real' Exim for my home
box, which is listening on IPv6.
So mail from (apparently) temporarily invalid senders will end up on my
own queue, eventually either getting through when the temporary error is
fixed, or getting bounced. In order to avoid frozen messages cluttering
up my queue, the forward-only Exim is actually configured to send mail
for anywhere _other_ than my ISP-derived domain via the ISP's smarthost.
They accepted it on my behalf; they can have it back :)
Now, when a good mail comes in and is forwarded from the relaying Exim
to the real one, I see both versions of Exim doing identical sender
verification callouts within seconds of each other over my poor dialup
link.
I've tested it briefly and found that making one $spool_directory/db a
symlink to the other does actually work and eliminate the second
identical callout for the same address. But I'd just like to be sure
it's actually safe.