Re: [exim] Speed for authenticated users

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] Speed for authenticated users
Christopher Molnar wrote:
> I have a question - is there anyway to speed up the transmission of mail by
> authenticated users? I want the users to be able to log in and send mail
> extremely quickly. I don't remember seeing the delay that I am seeing now
> when we where using procmail. Can received mail be queued ant then
> processed? I have an extremely mobile workforce and this is pretty
> important.
>
>
>
> Thanks,
>
> -Chris
>
>
>


Yes, several.

First, turn-off ident lookups, which rarely succeed these days,
but can visibly delay an MUA's connections [1].

Then - based on the connection meeting your requirements for
arrival port, security protocol, even MUA and OS in use, you may:

either:

- use the in-built 'authenticated' condition test

and/or (more complex if you want it):

- set an acl-c(x) and/or acl_m(x) flag for 'authenticated' +
custom test conditions of your own

THEN:

- check either/both early in each succeeding set of acl's to
selectively skip over some or all of the following tests in that
section. Each section may get such treatment, from connect to
data, depending on what info is available at that stage.

The key is to use the 'accept' verb in the testing acl and close
it with an 'endpass'.

When satisfied, 'endpass' will skip all succeding acl's *in that
section*, such as MIME, ClamAV and SpamAssassin scanning.


EX:

  accept
     authenticated   = *
     endpass


or

   accept
     !condition  = ${if eq{$acl_c4}{0}}
     endpass


- where you would have set a non-zero code number in acl_c4
or an acl_m(x) variable based on other tests of your own.

The 'earliest' such test simply that of connecting on an
approved submission port, and the most complex perhaps that of
scanning headers for any Micros**t thumbprints or attachments
for certain file extents to determine if you wish to ClamAV
and/or SpamAssassin scan a particular outbound message.

Lots of flexibility here.

If you attempt a test before the necessary data is available,
Exim will say so in ~/paniclog.

Temporarily adding a 'logwrite' with some sort of code ID for
each new acl is a good idea while testing.

HTH,

Bill


[1] Also very important that the server has fast & reliable
nameservers for DNS checks in general. Check these periodically.