On Mon, Nov 28, 2011 at 14:04, Pandu Poluan <pa...@poluan.info> wrote: [snip] > > I think it's Postfix's README: > > http://www.postfix.org/SMTPD_PROXY_README.html > > That said, the above page explicitly warns about the possibility of server > deadlock. Since this is meant to be the corporate mail gateway, I prefer the > after-queue methods.
Ah, I see... I know that README and it is basically right. However, even with after-queue scanning you will run into the same class of problems and you'll have to put limits for the number of threads for antispam scanning etc. The main difference, speed-wise, is that with after-queue scanning the MTA will accept and queue new mail much faster. But the delivery will still be delayed until scanning finishes. In case of a massive flood of mails or a malfunction of the filters, both the sender and the receiver will be unaware of the delay. But if you put the limits right in the before-queue antispam scanning, there will be no delays that the sender or receiver are unaware of. In case of a massive flood of mails, the sender's MTA will keep retrying until reaching the limit (eg. 4 hours) when it will inform the sender that it cannot deliver and it is still retrying. So the sender will know that he/she must try to reach that person using other channels of communication. There are other related advantages in this scenario, but I will not bore you with more details. -- mișu
