From f15b7e2082cd20d73d9f81a2d351cc9b13a037dd Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Wed, 23 Jan 2008 00:00:00 -0500 Subject: [PATCH] postfix-2.5.0 --- postfix/HISTORY | 9 +- postfix/README_FILES/QSHAPE_README | 133 ++++++++++++++++++------ postfix/RELEASE_NOTES | 4 +- postfix/conf/postfix-files | 16 +-- postfix/html/QSHAPE_README.html | 110 ++++++++++++++++++-- postfix/html/oqmgr.8.html | 5 +- postfix/html/postconf.5.html | 82 +++++++-------- postfix/html/qmgr.8.html | 5 +- postfix/man/man5/postconf.5 | 52 ++++----- postfix/man/man8/oqmgr.8 | 4 +- postfix/man/man8/qmgr.8 | 4 +- postfix/mantools/postlink | 4 +- postfix/proto/QSHAPE_README.html | 110 ++++++++++++++++++-- postfix/proto/postconf.proto | 8 +- postfix/src/global/mail_params.h | 4 +- postfix/src/global/mail_version.h | 4 +- postfix/src/oqmgr/qmgr.c | 4 +- postfix/src/postconf/auto.awk | 2 +- postfix/src/qmgr/qmgr.c | 4 +- postfix/src/smtp/smtp_sasl_auth_cache.c | 13 +-- postfix/src/util/sane_accept.c | 4 +- postfix/src/util/sane_connect.c | 4 +- postfix/src/util/sane_socketpair.c | 4 +- 23 files changed, 421 insertions(+), 168 deletions(-) diff --git a/postfix/HISTORY b/postfix/HISTORY index 29af59cdd..59862c25a 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -13870,7 +13870,7 @@ Apologies for any names omitted. 20071202 Feature: output rate control. For example, specify - "smtp_delivery_rate_delay = 5m" to insert a five-minute + "smtp_destination_rate_delay = 5m" to insert a five-minute delay between deliveries. This was an opportunity to define the mutually exclusive states that a queue can have, and to detect invalid transitions. This will make adding new @@ -14270,3 +14270,10 @@ Apologies for any names omitted. Bugfix (introduced 20080112): missing #ifdef for the SASL login failure cache. File: smtp/smtp_sasl_auth_cache.h. + +20080123 + + Name fix: renamed the mumble_delivery_rate_delay parameter + to mumble_destination_rate_delay, because it really is a + per-destination feature. With this change we keep the option + of implementing a future per-transport rate delay. diff --git a/postfix/README_FILES/QSHAPE_README b/postfix/README_FILES/QSHAPE_README index 05c546a87..3e8877caa 100644 --- a/postfix/README_FILES/QSHAPE_README +++ b/postfix/README_FILES/QSHAPE_README @@ -290,54 +290,121 @@ If one finds oneself needing to deliver a high volume of mail to a destination that exhibits frequent brief bursts of errors and connection caching does not solve the problem, there is a subtle workaround. - * In master.cf set up a dedicated clone of the "smtp" transport for the - destination in question. + * Postfix version 2.5 and later: - * In master.cf configure a reasonable process limit for the transport (a - number in the 10-20 range is typical). + o In master.cf set up a dedicated clone of the "smtp" transport for the + destination in question. In the example below we will call it + "fragile". - * IMPORTANT!!! In main.cf configure a very large initial and destination - concurrency limit for this transport (say 2000). + o In master.cf configure a reasonable process limit for the cloned smtp + transport (a number in the 10-20 range is typical). - /etc/postfix/main.cf: - initial_destination_concurrency = 2000 - transportname_destination_concurrency_limit = 2000 + o IMPORTANT!!! In main.cf configure a large per-destination pseudo-cohort + failure limit for the cloned smtp transport. - Where transportname is the name of the master.cf entry in question. + /etc/postfix/main.cf: + transport_maps = hash:/etc/postfix/transport + fragile_destination_concurrency_failed_cohort_limit = 100 + fragile_destination_concurrency_limit = 20 -The effect of this surprising configuration is that up to 2000 consecutive -errors are tolerated without marking the destination dead, while the total -concurrency remains reasonable (10-20 processes). This trick is only for a very -specialized situation: high volume delivery into a channel with multi-error -bursts that is capable of high throughput, but is repeatedly throttled by the -bursts of errors. + /etc/postfix/transport: + example.com fragile: + + /etc/postfix/master.cf: + # service type private unpriv chroot wakeup maxproc command + fragile unix - - n - 20 smtp + + See also the documentation for + default_destination_concurrency_failed_cohort_limit and + default_destination_concurrency_limit. + + * Earlier Postfix versions: + + o In master.cf set up a dedicated clone of the "smtp" transport for the + destination in question. In the example below we will call it + "fragile". + + o In master.cf configure a reasonable process limit for the transport (a + number in the 10-20 range is typical). + + o IMPORTANT!!! In main.cf configure a very large initial and destination + concurrency limit for this transport (say 2000). + + /etc/postfix/main.cf: + transport_maps = hash:/etc/postfix/transport + initial_destination_concurrency = 2000 + fragile_destination_concurrency_limit = 2000 + + /etc/postfix/transport: + example.com fragile: + + /etc/postfix/master.cf: + # service type private unpriv chroot wakeup maxproc command + fragile unix - - n - 20 smtp + + See also the documentation for default_destination_concurrency_limit. + +The effect of this configuration is that up to 2000 consecutive errors are +tolerated without marking the destination dead, while the total concurrency +remains reasonable (10-20 processes). This trick is only for a very specialized +situation: high volume delivery into a channel with multi-error bursts that is +capable of high throughput, but is repeatedly throttled by the bursts of +errors. When a destination is unable to handle the load even after the Postfix process limit is reduced to 1, a desperate measure is to insert brief delays between delivery attempts. - * In the transport map entry for the problem destination, specify a dead host - as the primary nexthop. + * Postfix version 2.5 and later: - * In the master.cf entry for the transport specify the problem destination as - the fallback_relay and specify a small smtp_connect_timeout value. + o In master.cf set up a dedicated clone of the "smtp" transport for the + problem destination. In the example below we call it "slow". - /etc/postfix/transport: - problem.example.com slow:[dead.host] + o In main.cf configure a short delay between deliveries to the same + destination. - /etc/postfix/master.cf: - # service type private unpriv chroot wakeup maxproc command - slow unix - - n - 1 smtp - -o fallback_relay=problem.example.com - -o smtp_connect_timeout=1 + /etc/postfix/main.cf: + transport_maps = hash:/etc/postfix/transport + slow_destination_rate_delay = 1 -This solution forces the Postfix smtp(8) client to wait for -$smtp_connect_timeout seconds between deliveries. The solution depends on -Postfix connection management details, and needs to be updated when SMTP -connection caching is introduced. + /etc/postfix/transport: + example.com slow: -Hopefully a more elegant solution to these problems will be found in the -future. + /etc/postfix/master.cf: + # service type private unpriv chroot wakeup maxproc command + slow unix - - n - - smtp + + See also the documentation for default_destination_rate_delay. + + This solution forces the Postfix smtp(8) client to wait for + $slow_destination_rate_delay seconds between deliveries to the same + destination. + + * Earlier Postfix versions: + + o In the transport map entry for the problem destination, specify a dead + host as the primary nexthop. + + o In the master.cf entry for the transport specify the problem + destination as the fallback_relay and specify a small + smtp_connect_timeout value. + + /etc/postfix/main.cf: + transport_maps = hash:/etc/postfix/transport + + /etc/postfix/transport: + example.com slow:[dead.host] + + /etc/postfix/master.cf: + # service type private unpriv chroot wakeup maxproc command + slow unix - - n - 1 smtp + -o fallback_relay=problem.example.com + -o smtp_connect_timeout=1 + -o smtp_cache_connection=no + + This solution forces the Postfix smtp(8) client to wait for + $smtp_connect_timeout seconds between deliveries. The connection caching + feature is disabled to prevent the client from skipping over the dead host. PPoossttffiixx qquueeuuee ddiirreeccttoorriieess diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index a8730c4b4..f560d3b5d 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -220,9 +220,9 @@ easier to find. This document describes the "mail sending" side only. [Feature 20071202] Output rate control in the queue manager. For -example, specify "smtp_delivery_rate_delay = 5m", to pause five +example, specify "smtp_destination_rate_delay = 5m", to pause five minutes between message deliveries. More information in the postconf(5) -manual under "default_delivery_rate_delay". +manual under "default_destination_rate_delay". Major changes - smtp client --------------------------- diff --git a/postfix/conf/postfix-files b/postfix/conf/postfix-files index 7690afc90..9bd905f8c 100644 --- a/postfix/conf/postfix-files +++ b/postfix/conf/postfix-files @@ -192,10 +192,10 @@ $manpage_directory/man8/verify.8:f:root:-:644 $manpage_directory/man8/virtual.8:f:root:-:644 $sample_directory/sample-aliases.cf:f:root:-:644:o $sample_directory/sample-auth.cf:f:root:-:644:o -$sample_directory/sample-canonical.cf:f:root:-:644:o:o +$sample_directory/sample-canonical.cf:f:root:-:644:o $sample_directory/sample-compatibility.cf:f:root:-:644:o $sample_directory/sample-debug.cf:f:root:-:644:o -$sample_directory/sample-filter.cf:f:root:-:644:o:o +$sample_directory/sample-filter.cf:f:root:-:644:o $sample_directory/sample-flush.cf:f:root:-:644:o $sample_directory/sample-ipv6.cf:f:root:-:644:o $sample_directory/sample-ldap.cf:f:root:-:644:o @@ -203,15 +203,15 @@ $sample_directory/sample-lmtp.cf:f:root:-:644:o $sample_directory/sample-local.cf:f:root:-:644:o $sample_directory/sample-mime.cf:f:root:-:644:o $sample_directory/sample-misc.cf:f:root:-:644:o -$sample_directory/sample-pcre-access.cf:f:root:-:644:o:o -$sample_directory/sample-pcre-body.cf:f:root:-:644:o:o -$sample_directory/sample-pcre-header.cf:f:root:-:644:o:o +$sample_directory/sample-pcre-access.cf:f:root:-:644:o +$sample_directory/sample-pcre-body.cf:f:root:-:644:o +$sample_directory/sample-pcre-header.cf:f:root:-:644:o $sample_directory/sample-pgsql-aliases.cf:f:root:-:644:o $sample_directory/sample-qmqpd.cf:f:root:-:644:o $sample_directory/sample-rate.cf:f:root:-:644:o -$sample_directory/sample-regexp-access.cf:f:root:-:644:o:o -$sample_directory/sample-regexp-body.cf:f:root:-:644:o:o -$sample_directory/sample-regexp-header.cf:f:root:-:644:o:o +$sample_directory/sample-regexp-access.cf:f:root:-:644:o +$sample_directory/sample-regexp-body.cf:f:root:-:644:o +$sample_directory/sample-regexp-header.cf:f:root:-:644:o $sample_directory/sample-relocated.cf:f:root:-:644:o $sample_directory/sample-resource.cf:f:root:-:644:o $sample_directory/sample-rewrite.cf:f:root:-:644:o diff --git a/postfix/html/QSHAPE_README.html b/postfix/html/QSHAPE_README.html index 905bc5ebb..7f295ec36 100644 --- a/postfix/html/QSHAPE_README.html +++ b/postfix/html/QSHAPE_README.html @@ -409,8 +409,47 @@ caching does not solve the problem, there is a subtle workaround.

+ +

The effect of this configuration is that up to 2000 consecutive errors are tolerated without marking the destination dead, while the total concurrency remains reasonable (10-20 processes). This trick is only for a very specialized situation: @@ -443,6 +492,42 @@ insert brief delays between delivery attempts.

Postfix queue directories

diff --git a/postfix/html/oqmgr.8.html b/postfix/html/oqmgr.8.html index 63f3625c1..47e56ddb0 100644 --- a/postfix/html/oqmgr.8.html +++ b/postfix/html/oqmgr.8.html @@ -305,14 +305,15 @@ OQMGR(8) OQMGR(8) Available in Postfix version 2.5 and later: - default_delivery_rate_delay (0s) + default_destination_rate_delay (0s) The default amount of delay that is inserted between individual deliveries to the same destina- tion; with per-destination recipient limit > 1, a destination is a domain, otherwise it is a recipi- ent. - transport_delivery_rate_delay $default_delivery_rate_delay + transport_destination_rate_delay $default_destina- + tion_rate_delay Idem, for delivery via the named message transport. MISCELLANEOUS CONTROLS diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index f3ae20f90..be2b7499b 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -1595,35 +1595,6 @@ Examples: - - -
default_delivery_rate_delay -(default: 0s)
- -

The default amount of delay that is inserted between individual -deliveries to the same destination; with per-destination recipient -limit > 1, a destination is a domain, otherwise it is a recipient. -

- -

To enable the delay, specify a non-zero time value (an integral -value plus an optional one-letter suffix that specifies the time -unit).

- -

Time units: s (seconds), m (minutes), h (hours), d (days), w -(weeks). The default time unit is s (seconds).

- -

NOTE: the delay is enforced by the queue manager. The delay -timer state does not survive "postfix reload" or "postfix stop". -

- -

Use transport_delivery_rate_delay to specify a -transport-specific override, where transport is the master.cf -name of the message delivery transport. -

- -

This feature is available in Postfix 2.5 and later.

- -
default_delivery_slot_cost @@ -1875,6 +1846,35 @@ is the master.cf name of the message delivery transp

This feature is available in Postfix 2.5 and later.

+ + +
default_destination_rate_delay +(default: 0s)
+ +

The default amount of delay that is inserted between individual +deliveries to the same destination; with per-destination recipient +limit > 1, a destination is a domain, otherwise it is a recipient. +

+ +

To enable the delay, specify a non-zero time value (an integral +value plus an optional one-letter suffix that specifies the time +unit).

+ +

Time units: s (seconds), m (minutes), h (hours), d (days), w +(weeks). The default time unit is s (seconds).

+ +

NOTE: the delay is enforced by the queue manager. The delay +timer state does not survive "postfix reload" or "postfix stop". +

+ +

Use transport_destination_rate_delay to specify a +transport-specific override, where transport is the master.cf +name of the message delivery transport. +

+ +

This feature is available in Postfix 2.5 and later.

+ +
default_destination_recipient_limit @@ -12798,18 +12798,6 @@ This feature is available in Postfix 2.1 and later.

- - -
transport_delivery_rate_delay -(default: $default_delivery_rate_delay)
- -

A transport-specific override for the default_recipient_refill_delay -parameter value, where transport is the master.cf name of -the message delivery transport.

- -

This feature is available in Postfix 2.5 and later.

- -
transport_delivery_slot_cost @@ -12890,6 +12878,18 @@ transport.

This feature is available in Postfix 2.5 and later.

+ + +
transport_destination_rate_delay +(default: $default_destination_rate_delay)
+ +

A transport-specific override for the default_destination_rate_delay +parameter value, where transport is the master.cf name of +the message delivery transport.

+ +

This feature is available in Postfix 2.5 and later.

+ +
transport_destination_recipient_limit diff --git a/postfix/html/qmgr.8.html b/postfix/html/qmgr.8.html index d66594bd3..4a2b26783 100644 --- a/postfix/html/qmgr.8.html +++ b/postfix/html/qmgr.8.html @@ -377,14 +377,15 @@ QMGR(8) QMGR(8) Available in Postfix version 2.5 and later: - default_delivery_rate_delay (0s) + default_destination_rate_delay (0s) The default amount of delay that is inserted between individual deliveries to the same destina- tion; with per-destination recipient limit > 1, a destination is a domain, otherwise it is a recipi- ent. - transport_delivery_rate_delay $default_delivery_rate_delay + transport_destination_rate_delay $default_destina- + tion_rate_delay Idem, for delivery via the named message transport. MISCELLANEOUS CONTROLS diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index b8bac10b3..7caba6c62 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -886,26 +886,6 @@ default_database_type = dbm .fi .ad .ft R -.SH default_delivery_rate_delay (default: 0s) -The default amount of delay that is inserted between individual -deliveries to the same destination; with per-destination recipient -limit > 1, a destination is a domain, otherwise it is a recipient. -.PP -To enable the delay, specify a non-zero time value (an integral -value plus an optional one-letter suffix that specifies the time -unit). -.PP -Time units: s (seconds), m (minutes), h (hours), d (days), w -(weeks). The default time unit is s (seconds). -.PP -NOTE: the delay is enforced by the queue manager. The delay -timer state does not survive "postfix reload" or "postfix stop". -.PP -Use \fItransport\fR_delivery_rate_delay to specify a -transport-specific override, where \fItransport\fR is the master.cf -name of the message delivery transport. -.PP -This feature is available in Postfix 2.5 and later. .SH default_delivery_slot_cost (default: 5) How often the Postfix queue manager's scheduler is allowed to preempt delivery of one message with another. @@ -1077,6 +1057,26 @@ to specify a transport-specific override, where \fItransport\fR is the master.cf name of the message delivery transport. .PP This feature is available in Postfix 2.5 and later. +.SH default_destination_rate_delay (default: 0s) +The default amount of delay that is inserted between individual +deliveries to the same destination; with per-destination recipient +limit > 1, a destination is a domain, otherwise it is a recipient. +.PP +To enable the delay, specify a non-zero time value (an integral +value plus an optional one-letter suffix that specifies the time +unit). +.PP +Time units: s (seconds), m (minutes), h (hours), d (days), w +(weeks). The default time unit is s (seconds). +.PP +NOTE: the delay is enforced by the queue manager. The delay +timer state does not survive "postfix reload" or "postfix stop". +.PP +Use \fItransport\fR_destination_rate_delay to specify a +transport-specific override, where \fItransport\fR is the master.cf +name of the message delivery transport. +.PP +This feature is available in Postfix 2.5 and later. .SH default_destination_recipient_limit (default: 50) The default maximal number of recipients per message delivery. This is the default limit for delivery via the \fBlmtp\fR(8), \fBpipe\fR(8), @@ -7938,12 +7938,6 @@ of mail deliveries and produces a mail delivery report when verbose delivery is requested with "\fBsendmail -v\fR". .PP This feature is available in Postfix 2.1 and later. -.SH transport_delivery_rate_delay (default: $default_delivery_rate_delay) -A transport-specific override for the default_recipient_refill_delay -parameter value, where \fItransport\fR is the master.cf name of -the message delivery transport. -.PP -This feature is available in Postfix 2.5 and later. .SH transport_delivery_slot_cost (default: $default_delivery_slot_cost) A transport-specific override for the default_delivery_slot_cost parameter value, where \fItransport\fR is the master.cf name of @@ -7982,6 +7976,12 @@ where \fItransport\fR is the master.cf name of the message delivery transport. .PP This feature is available in Postfix 2.5 and later. +.SH transport_destination_rate_delay (default: $default_destination_rate_delay) +A transport-specific override for the default_destination_rate_delay +parameter value, where \fItransport\fR is the master.cf name of +the message delivery transport. +.PP +This feature is available in Postfix 2.5 and later. .SH transport_destination_recipient_limit (default: $default_destination_recipient_limit) A transport-specific override for the default_destination_recipient_limit parameter value, where diff --git a/postfix/man/man8/oqmgr.8 b/postfix/man/man8/oqmgr.8 index 05f0d18d2..0196a3abc 100644 --- a/postfix/man/man8/oqmgr.8 +++ b/postfix/man/man8/oqmgr.8 @@ -275,11 +275,11 @@ The maximal time a bounce message is queued before it is considered undeliverable. .PP Available in Postfix version 2.5 and later: -.IP "\fBdefault_delivery_rate_delay (0s)\fR" +.IP "\fBdefault_destination_rate_delay (0s)\fR" The default amount of delay that is inserted between individual deliveries to the same destination; with per-destination recipient limit > 1, a destination is a domain, otherwise it is a recipient. -.IP "\fItransport\fB_delivery_rate_delay $default_delivery_rate_delay +.IP "\fItransport\fB_destination_rate_delay $default_destination_rate_delay Idem, for delivery via the named message \fItransport\fR. .SH MISCELLANEOUS CONTROLS .ad diff --git a/postfix/man/man8/qmgr.8 b/postfix/man/man8/qmgr.8 index 9b9ba7d6d..610c4ee63 100644 --- a/postfix/man/man8/qmgr.8 +++ b/postfix/man/man8/qmgr.8 @@ -323,11 +323,11 @@ The maximal time a bounce message is queued before it is considered undeliverable. .PP Available in Postfix version 2.5 and later: -.IP "\fBdefault_delivery_rate_delay (0s)\fR" +.IP "\fBdefault_destination_rate_delay (0s)\fR" The default amount of delay that is inserted between individual deliveries to the same destination; with per-destination recipient limit > 1, a destination is a domain, otherwise it is a recipient. -.IP "\fItransport\fB_delivery_rate_delay $default_delivery_rate_delay +.IP "\fItransport\fB_destination_rate_delay $default_destination_rate_delay Idem, for delivery via the named message \fItransport\fR. .SH "MISCELLANEOUS CONTROLS" .na diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink index 15ea44218..07c43c01f 100755 --- a/postfix/mantools/postlink +++ b/postfix/mantools/postlink @@ -346,7 +346,7 @@ while (<>) { s;\bdefault_destination_concur[-]*\n* *[]*rency_positive_feedback\b;$&;g; s;\bdefault_destination_con[-]*\n* *[]*currency_failed_cohort_limit\b;$&;g; s;\bdestination_concurrency_feedback_debug\b;$&;g; - s;\bdefault_delivery_rate_delay\b;$&;g; + s;\bdefault_destina[-]*\n* *[]*tion_rate_delay\b;$&;g; s;\bqmqpd_error_delay\b;$&;g; s;\bqmqpd_timeout\b;$&;g; @@ -649,7 +649,7 @@ while (<>) { s;(transport)()?(_recipient_refill_delay)\b;$2$1$3;g; s;(transport)()?(_recipient_refill_limit)\b;$2$1$3;g; s;(transport)()?(_time_limit)\b;$2$1$3;g; - s;(transport)()?(_delivery_rate_delay)\b;$2$1$3;g; + s;(transport)()?(_destination_rate_delay)\b;$2$1$3;g; # Undo hyperlinks of manual pages with the same name as parameters. diff --git a/postfix/proto/QSHAPE_README.html b/postfix/proto/QSHAPE_README.html index 16394a138..2c82b4f63 100644 --- a/postfix/proto/QSHAPE_README.html +++ b/postfix/proto/QSHAPE_README.html @@ -409,8 +409,47 @@ caching does not solve the problem, there is a subtle workaround.

    +

  • Postfix version 2.5 and later:

    + +
      + +

    • In master.cf set up a dedicated clone of the "smtp" transport +for the destination in question. In the example below we will call +it "fragile".

      + +

    • In master.cf configure a reasonable process limit for the +cloned smtp transport (a number in the 10-20 range is typical).

      + +

    • IMPORTANT!!! In main.cf configure a large per-destination +pseudo-cohort failure limit for the cloned smtp transport.

      + +
      +/etc/postfix/main.cf:
+    transport_maps = hash:/etc/postfix/transport
+    fragile_destination_concurrency_failed_cohort_limit = 100
+    fragile_destination_concurrency_limit = 20
+
+/etc/postfix/transport:
+    example.com  fragile:
+
+/etc/postfix/master.cf:
+    # service type  private unpriv  chroot  wakeup  maxproc command
+    fragile   unix     -       -       n       -      20    smtp
+
      + +

      See also the documentation for +default_destination_concurrency_failed_cohort_limit and +default_destination_concurrency_limit.

      + +
    + +

  • Earlier Postfix versions:

    + +
      +

    • In master.cf set up a dedicated clone of the "smtp" -transport for the destination in question.

      +transport for the destination in question. In the example below +we will call it "fragile".

    • In master.cf configure a reasonable process limit for the transport (a number in the 10-20 range is typical).

      @@ -420,16 +459,26 @@ and destination concurrency limit for this transport (say 2000). 

       /etc/postfix/main.cf:
+    transport_maps = hash:/etc/postfix/transport
     initial_destination_concurrency = 2000
-    transportname_destination_concurrency_limit = 2000
+    fragile_destination_concurrency_limit = 2000
+
+/etc/postfix/transport:
+    example.com  fragile:
+
+/etc/postfix/master.cf:
+    # service type  private unpriv  chroot  wakeup  maxproc command
+    fragile   unix     -       -       n       -      20    smtp
      -

      Where transportname is the name of the master.cf entry -in question.

      +

      See also the documentation for default_destination_concurrency_limit. +

    -

    The effect of this surprising configuration is that up to 2000 +

+ +

The effect of this configuration is that up to 2000 consecutive errors are tolerated without marking the destination dead, while the total concurrency remains reasonable (10-20 processes). This trick is only for a very specialized situation: @@ -443,6 +492,42 @@ insert brief delays between delivery attempts.

    +

  • Postfix version 2.5 and later:

    + +
      + +

    • In master.cf set up a dedicated clone of the "smtp" transport +for the problem destination. In the example below we call it "slow". +

      + +

    • In main.cf configure a short delay between deliveries to +the same destination.

      + +
      +/etc/postfix/main.cf:
+    transport_maps = hash:/etc/postfix/transport
+    slow_destination_rate_delay = 1
+
+/etc/postfix/transport:
+    example.com  slow:
+
+/etc/postfix/master.cf:
+    # service type  private unpriv  chroot  wakeup  maxproc command
+    slow      unix     -       -       n       -       -    smtp
+
      + +
    + +

    See also the documentation for default_destination_rate_delay.

    + +

    This solution forces the Postfix smtp(8) client to wait for +$slow_destination_rate_delay seconds between deliveries to the same +destination.

    + +

  • Earlier Postfix versions:

    + +
      +

    • In the transport map entry for the problem destination, specify a dead host as the primary nexthop.

      @@ -451,25 +536,28 @@ problem destination as the fallback_relay and specify a small smtp_connect_timeout value. 

      +/etc/postfix/main.cf:
+    transport_maps = hash:/etc/postfix/transport
+
 /etc/postfix/transport:
-    problem.example.com  slow:[dead.host]
+    example.com  slow:[dead.host]
 
 /etc/postfix/master.cf:
     # service type  private unpriv  chroot  wakeup  maxproc command
     slow      unix     -       -       n       -       1    smtp
         -o fallback_relay=problem.example.com
         -o smtp_connect_timeout=1
+        -o smtp_cache_connection=no

    This solution forces the Postfix smtp(8) client to wait for -$smtp_connect_timeout seconds between deliveries. The solution -depends on Postfix connection management details, and needs to be -updated when SMTP connection caching is introduced.

    +$smtp_connect_timeout seconds between deliveries. The connection +caching feature is disabled to prevent the client from skipping +over the dead host.

    -

    Hopefully a more elegant solution to these problems will be -found in the future.

    +

Postfix queue directories

diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 21c82d2e5..5e93d8675 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -11382,7 +11382,7 @@ the message delivery transport.

This feature is available in Postfix 2.4 and later.

-%PARAM default_delivery_rate_delay 0s +%PARAM default_destination_rate_delay 0s

The default amount of delay that is inserted between individual deliveries to the same destination; with per-destination recipient @@ -11400,16 +11400,16 @@ unit).

timer state does not survive "postfix reload" or "postfix stop".

-

Use transport_delivery_rate_delay to specify a +

Use transport_destination_rate_delay to specify a transport-specific override, where transport is the master.cf name of the message delivery transport.

This feature is available in Postfix 2.5 and later.

-%PARAM transport_delivery_rate_delay $default_delivery_rate_delay +%PARAM transport_destination_rate_delay $default_destination_rate_delay -

A transport-specific override for the default_recipient_refill_delay +

A transport-specific override for the default_destination_rate_delay parameter value, where transport is the master.cf name of the message delivery transport.

diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index 55cecc7dd..b8b0caf80 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -2916,8 +2916,8 @@ extern int var_conc_cohort_limit; #define DEF_CONC_FDBACK_DEBUG 0 extern bool var_conc_feedback_debug; -#define VAR_DEST_RATE_DELAY "default_delivery_rate_delay" -#define _DEST_RATE_DELAY "_delivery_rate_delay" +#define VAR_DEST_RATE_DELAY "default_destination_rate_delay" +#define _DEST_RATE_DELAY "_destination_rate_delay" #define DEF_DEST_RATE_DELAY "0s" extern int var_dest_rate_delay; diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 563ab40d8..f729cfce2 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,8 +20,8 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20080116" -#define MAIL_VERSION_NUMBER "2.5.0-RC2" +#define MAIL_RELEASE_DATE "20080123" +#define MAIL_VERSION_NUMBER "2.5.0" #ifdef SNAPSHOT # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE diff --git a/postfix/src/oqmgr/qmgr.c b/postfix/src/oqmgr/qmgr.c index d895cc78d..e6b7a2cf0 100644 --- a/postfix/src/oqmgr/qmgr.c +++ b/postfix/src/oqmgr/qmgr.c @@ -241,11 +241,11 @@ /* undeliverable. /* .PP /* Available in Postfix version 2.5 and later: -/* .IP "\fBdefault_delivery_rate_delay (0s)\fR" +/* .IP "\fBdefault_destination_rate_delay (0s)\fR" /* The default amount of delay that is inserted between individual /* deliveries to the same destination; with per-destination recipient /* limit > 1, a destination is a domain, otherwise it is a recipient. -/* .IP "\fItransport\fB_delivery_rate_delay $default_delivery_rate_delay +/* .IP "\fItransport\fB_destination_rate_delay $default_destination_rate_delay /* Idem, for delivery via the named message \fItransport\fR. /* .SH MISCELLANEOUS CONTROLS /* .ad diff --git a/postfix/src/postconf/auto.awk b/postfix/src/postconf/auto.awk index 4b888da51..74e6401af 100644 --- a/postfix/src/postconf/auto.awk +++ b/postfix/src/postconf/auto.awk @@ -8,7 +8,7 @@ BEGIN { vars["destination_concurrency_positive_feedback"] = "default_destination_concurrency_positive_feedback" vars["destination_recipient_limit"] = "default_destination_recipient_limit" vars["initial_destination_concurrency"] = "initial_destination_concurrency" - vars["delivery_rate_delay"] = "default_delivery_rate_delay" + vars["destination_rate_delay"] = "default_destination_rate_delay" # auto_table.h diff --git a/postfix/src/qmgr/qmgr.c b/postfix/src/qmgr/qmgr.c index b3da982b1..59bafb8b6 100644 --- a/postfix/src/qmgr/qmgr.c +++ b/postfix/src/qmgr/qmgr.c @@ -287,11 +287,11 @@ /* undeliverable. /* .PP /* Available in Postfix version 2.5 and later: -/* .IP "\fBdefault_delivery_rate_delay (0s)\fR" +/* .IP "\fBdefault_destination_rate_delay (0s)\fR" /* The default amount of delay that is inserted between individual /* deliveries to the same destination; with per-destination recipient /* limit > 1, a destination is a domain, otherwise it is a recipient. -/* .IP "\fItransport\fB_delivery_rate_delay $default_delivery_rate_delay +/* .IP "\fItransport\fB_destination_rate_delay $default_destination_rate_delay /* Idem, for delivery via the named message \fItransport\fR. /* MISCELLANEOUS CONTROLS /* .ad diff --git a/postfix/src/smtp/smtp_sasl_auth_cache.c b/postfix/src/smtp/smtp_sasl_auth_cache.c index 9920850a1..682c4fba3 100644 --- a/postfix/src/smtp/smtp_sasl_auth_cache.c +++ b/postfix/src/smtp/smtp_sasl_auth_cache.c @@ -132,11 +132,12 @@ SMTP_SASL_AUTH_CACHE *smtp_sasl_auth_cache_init(const char *map, int ttl) */ #define CACHE_DICT_OPEN_FLAGS \ (DICT_FLAG_DUP_REPLACE | DICT_FLAG_SYNC_UPDATE) +#define PROXY_COLON DICT_TYPE_PROXY ":" +#define PROXY_COLON_LEN (sizeof(PROXY_COLON) - 1) - if (strncmp(map, DICT_TYPE_PROXY, sizeof(DICT_TYPE_PROXY) - 1) != 0 - || map[sizeof(DICT_TYPE_PROXY) - 1] != ':') + if (strncmp(map, PROXY_COLON, PROXY_COLON_LEN) != 0) msg_fatal("SASL authentication cache name \"%s\" must start with \"" - DICT_TYPE_PROXY "\":", map); + PROXY_COLON, map); auth_cache = (SMTP_SASL_AUTH_CACHE *) mymalloc(sizeof(*auth_cache)); auth_cache->dict = dict_open(map, O_CREAT | O_RDWR, CACHE_DICT_OPEN_FLAGS); @@ -192,9 +193,9 @@ static char *smtp_sasl_auth_cache_make_value(const char *password, return (vstring_export(val_buf)); } -/* smtp_sasl_auth_cache_valid - validate auth failure cache value */ +/* smtp_sasl_auth_cache_valid_value - validate auth failure cache value */ -static int smtp_sasl_auth_cache_valid(SMTP_SASL_AUTH_CACHE *auth_cache, +static int smtp_sasl_auth_cache_valid_value(SMTP_SASL_AUTH_CACHE *auth_cache, const char *entry, const char *password) { @@ -235,7 +236,7 @@ int smtp_sasl_auth_cache_find(SMTP_SASL_AUTH_CACHE *auth_cache, key = smtp_sasl_auth_cache_make_key(session->host, session->sasl_username); if ((entry = dict_get(auth_cache->dict, key)) != 0) - if ((valid = smtp_sasl_auth_cache_valid(auth_cache, entry, + if ((valid = smtp_sasl_auth_cache_valid_value(auth_cache, entry, session->sasl_passwd)) == 0) /* Remove expired, password changed, or malformed cache entry. */ if (dict_del(auth_cache->dict, key) == 0) diff --git a/postfix/src/util/sane_accept.c b/postfix/src/util/sane_accept.c index 613177c29..b1e6670d6 100644 --- a/postfix/src/util/sane_accept.c +++ b/postfix/src/util/sane_accept.c @@ -18,8 +18,8 @@ /* workarounds may be enabled that depend on the socket type. /* BUGS /* Bizarre systems may have other harmless error results. Such -/* systems encourage programers to ignore error results, and -/* penalizes programmers who code defensively. +/* systems encourage programmers to ignore error results, and +/* penalize programmers who code defensively. /* LICENSE /* .ad /* .fi diff --git a/postfix/src/util/sane_connect.c b/postfix/src/util/sane_connect.c index b8286a798..513f97a03 100644 --- a/postfix/src/util/sane_connect.c +++ b/postfix/src/util/sane_connect.c @@ -15,8 +15,8 @@ /* known harmless error results to EAGAIN. /* BUGS /* Bizarre systems may have other harmless error results. Such -/* systems encourage programers to ignore error results, and -/* penalizes programmers who code defensively. +/* systems encourage programmers to ignore error results, and +/* penalize programmers who code defensively. /* LICENSE /* .ad /* .fi diff --git a/postfix/src/util/sane_socketpair.c b/postfix/src/util/sane_socketpair.c index c1d3568d3..a889934c3 100644 --- a/postfix/src/util/sane_socketpair.c +++ b/postfix/src/util/sane_socketpair.c @@ -16,8 +16,8 @@ /* skips over silly error results such as EINTR. /* BUGS /* Bizarre systems may have other harmless error results. Such -/* systems encourage programers to ignore error results, and -/* penalizes programmers who code defensively. +/* systems encourage programmers to ignore error results, and +/* penalize programmers who code defensively. /* LICENSE /* .ad /* .fi