diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2014-04-17 04:56:43 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:51:47 +0200 |
commit | e9e8ce2add2b7c020daa02228e506e7c02828c15 (patch) | |
tree | 88aee2a20e3c1961aa94769a4df4f236a21741bc /roles/MX/templates | |
parent | 3d4b17515fc21dbb218873b23ff9272ca9474e8e (diff) |
Decongestion potential bottlenecks on trivial_rewrite(8).
Which might be caused by slow LDAP lookups in transport_maps. Instead,
we alias each addresses for which we want a custom transport to a
dedicated "dummy" domain, and use a static (CDB) transport_maps to map
said domains to their transport; the receiver can then use canonical(8)
to restore the original envelope recipient. Since the alias resolution
is performed by cleanup(8), which can run in parallel with other
instances, it should decongestion bottlenecks under heavy loads.
So far only the MX:es have been decongestioned. The list manager and
the MDA should be treated as well.
Diffstat (limited to 'roles/MX/templates')
6 files changed, 31 insertions, 30 deletions
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index 6c2004a..8bed701 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -51,25 +51,22 @@ relayhost = [{{ MTA_out.host }}]:{{ MTA_out.port }} relay_domains = # Virtual transport -{% if 'LDA' in group_names %} -virtual_transport = smtpl:[127.0.0.1]:{{ LDA.port }} -{% else %} -virtual_transport = smtps:[{{ LDA.host }}]:{{ LDA.port }} -{% endif %} - +# We use a dedicated "virtual" domain to decongestion potential +# bottlenecks on trivial_rewrite(8) due to slow LDAP lookups in +# tranport_maps. +virtual_transport = error:5.1.1 Virtual transport unavailable virtual_mailbox_domains = ldap:$config_directory/virtual/mailbox_domains.cf virtual_alias_maps = pcre:$config_directory/virtual/reserved_alias.pcre + # first we do the alias resolution... ldap:$config_directory/virtual/alias.cf - # stop the alias resolution (by making finding - # an A -> A alias) before searching for - # catch-alls and domain aliases - $virtual_mailbox_maps + # ...and unless there is matching mailbox/list... + ldap:$config_directory/virtual/mailbox.cf + ldap:$config_directory/virtual/list.cf + # ...we resolve alias domains and catch alls ldap:$config_directory/virtual/alias_domains.cf ldap:$config_directory/virtual/catchall.cf -virtual_mailbox_maps = ldap:$config_directory/virtual/mailbox.cf - ldap:$config_directory/virtual/list.cf -transport_maps = cdb:$config_directory/virtual/transport_reserved_alias - ldap:$config_directory/virtual/transport_list.cf +virtual_mailbox_maps = +transport_maps = cdb:$config_directory/virtual/transport # Don't rewrite remote headers local_header_rewrite_clients = @@ -77,6 +74,7 @@ local_header_rewrite_clients = smtp_send_xforward_command = yes # Avoid splitting the envelope and scanning messages multiple times smtp_destination_recipient_limit = 1000 +reserved-alias_recipient_limit = 1 # Tolerate occasional high latency smtp_data_done_timeout = 1200s diff --git a/roles/MX/templates/etc/postfix/virtual/list.cf.j2 b/roles/MX/templates/etc/postfix/virtual/list.cf.j2 index 8bcd5df..6100c01 100644 --- a/roles/MX/templates/etc/postfix/virtual/list.cf.j2 +++ b/roles/MX/templates/etc/postfix/virtual/list.cf.j2 @@ -6,4 +6,6 @@ scope = base bind = none query_filter = (&(objectClass=FripostVirtualList)(fvl=%u)) result_attribute = fvl -result_format = %S +# Use a dedicated "virtual" domain to decongestion potential bottlenecks +# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps. +result_format = %D/%U@lists.guilhem.org diff --git a/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 index b421e9a..fe27124 100644 --- a/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 +++ b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 @@ -6,4 +6,6 @@ scope = base bind = none query_filter = (&(objectClass=FripostVirtualUser)(fvl=%u)) result_attribute = fvl -result_format = %S +# Use a dedicated "virtual" domain to decongestion potential bottlenecks +# on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps. +result_format = %D/%U@mda.guilhem.org diff --git a/roles/MX/templates/etc/postfix/virtual/transport.j2 b/roles/MX/templates/etc/postfix/virtual/transport.j2 new file mode 100644 index 0000000..6d244dc --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/transport.j2 @@ -0,0 +1,13 @@ +reserved.locahost.localdomain reserved-alias: + +{% if 'LDA' in group_names %} +mda.guilhem.org smtpl:[127.0.0.1]:{{ LDA.port }} +{% else %} +mda.guilhem.org smtps:[{{ LDA.host }}]:{{ LDA.port }} +{% endif %} + +{% if 'lists' in group_names %} +lists.guilhem.org smtpl:[127.0.0.1]:{{ lists.port }} +{% else %} +lists.guilhem.org smtps:[{{ lists.host }}]:{{ lists.port }} +{% endif %} diff --git a/roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2 b/roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2 deleted file mode 100644 index eb696db..0000000 --- a/roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2 +++ /dev/null @@ -1,13 +0,0 @@ -server_host = ldapi://%2Fprivate%2Fldapi/ -version = 3 -search_base = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org -domain = static:all -scope = base -bind = none -query_filter = (&(objectClass=FripostVirtualList)(fvl=%u)) -result_attribute = fvl -{% if 'lists' in group_names %} -result_format = smtpl:[127.0.0.1]:{{ lists.port }} -{% else %} -result_format = smtps:[{{ lists.host }}]:{{ lists.port }} -{% endif %} diff --git a/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2 b/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2 deleted file mode 100644 index 4af5318..0000000 --- a/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2 +++ /dev/null @@ -1 +0,0 @@ -reserved.locahost.localdomain reserved-alias: |