Re: [exim] Limiting incoming connections on a per-domain bas…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: W B Hacker
Data:  
Para: exim-users
Asunto: Re: [exim] Limiting incoming connections on a per-domain basis
Philip Hazel wrote:

> On Fri, 22 Sep 2006, W B Hacker wrote:
>
>
>>A correspondent MTA will not know prior to starting delivery runs that
>><domain1>.<tld> and <domain2>.<tld> are hosted on the same virtual server IP, so
>>will run separate deliveries for the 'To:', 'CC:', Bcc:' not on the same domains.
>
>
> Not true for Exim provided that both the virtual servers are using the
> same IP address (as you have stated that they are). Independent of the
> domains, Exim sorts outgoing addresses according to the host lists they
> route to, and uses a single connection for those that are going to the
> same hosts (up to the max_rcpt limit, and subject to having the same
> added headers, rewritten return-path, etc, etc. that is, when the
> message bodies are identical).
>


I am sure you are correct about the code, but doubt that conglomeration /
batching is even operative unless there is enough near-simultaneous remote_smtp
traffic to have accumulate in queue at all.

I just tried to simulate that with 'queue_only = true' and Exim invoked with
'-q5m'.

Three messages pre-composed, sent as fast as I could hit the button, sat in
queue for ~ five minutes - as expected, were then sent 1,2,3, - and arrived at
the far-end (a Qmail box in ZRH) with different HELO and hostnames - 'generally'
appropriate to the sender accounts.

There is an element of chance here in that three PTR records are in DNS pointing
to the same IP. (Not a practice I recommend anymore, though it has some
advantages w/r a *manual* 'host 203.194.153.81' lookup).

The 'why' of that may have to do with my router chain, wherein a router per each
hosted domain keys on 'From:', for authenticated submissions heading off-box,
sets 'helo_data' accordingly before handing-off to the same remote_smtp
transport that uses said data.

With our 'normal' settings of q55s and queue_only = false, it works under our
typical light loads, so I would presume separate IP with single-host per-IP DNS
PTR records would be even better separated under light load.

A special case load/queue wise? Yes - but not necessarily an uncommon one.

"The scientist said that it couldn't be done, but the damn fool Engineer didn't
know that, so he did it."

J.J. Pershing.

;-)

Bill Hacker