From: "Stephen L. Ulmer" <[EMAIL PROTECTED]> Date: Wed, 05 Feb 2003 16:57:15 -0500 [...] Hmmm... what does Sendmail do? It's got lots of children, but still manages to refuse connections when it gets busy (RefuseLA)... I kinda like that behavior. I definitely like it better than keeping more and more sockets open.
Sendmail only accepts new connections in the parent process. When the LA goes over RefuseLA, it closes the socket. In order to reopen the socket, the parent always has root privs. (The cyrus master process changes to "cyrus" from "root" very early on.) So Sendmail's scheme doesn't work for us. I took a look at a random version of Postfix, and I'm pretty sure it does what we do now (build up the system listen queue). I also agree that it's more user friendly to quickly deny service. I contemplated having a special child to deny service (something like what Ohio has implemented) but it seems tricky. (Imagine the # of processes bouncing right next to the limit.) I definitely would like to avoid forking for every new connection once we're over the limit, since that will just strain the system after we're already heavily loaded. Larry
