Re: Correct way to do whitelisting / bypassing of filtering.

From: Craig Sanders (no email)
Date: Mon Nov 01 2004 - 14:59:37 EST


On Thu, Oct 28, 2004 at 11:18:07PM -0400, Mike wrote:

> One reason that we are trying to do this ( so you can better understand my
> situation ) is when we send out electronic invoices or statements to
> clients, our exchange server sends these 200k pdf files to the postfix
> server, but the postfix server starts to filter the incoming message, so as
> you can imagine with all the body_checks, SA, header_checks RBL's etc.
> cleanup for each message starts to eat up cpu to the point that top returns
> a load average of 30 - 50 which is nasty.

you can avoid all this filtering work for these emails by running another smtpd
instance (either on a different port or a different IP address) which has all
the filtering stuff disabled.

e.g. to run a non-filtering smtpd on port 26, you'd have something like the
following in /etc/postfix/master.cf:

:26 inet n - n - - smtpd -o content_filter= -o body_checks= -o header_checks=

use firewall rules to block access to port 26 from outside your network. even
better, if your internal network is running on RFC-1618 private IP addresses
(e.g. 191.168.x.x or 172.16.x.x or 10.x.x.x) make it listen only on the
internal network like so:

192.168.1.1:26 inet n - n - - smtpd -o content_filter= -o body_checks= -o header_checks=

then configure your exchange server to relay via port 26 rather than port 25.

if exchange can't relay via a different port (no idea, i don't use exchange)
then set up an alias interface and make the non-filtering smtpd listen only on
that IP address...make exchange relay via that IP rather than the main IP.

if you want to restrict relay access to this smtpd to only the exchange server,
then add "-o mynetworks=x.x.x.x" to the smtpd line above, where x.x.x.x is the
exchange server's IP address.
 

remember to restart postfix (NOTE: restart, not reload) whenever you change master.cf

craig

-- 
craig sanders <>           (part time cyborg)
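
An added example, not part of Craig's post: a small Python audit that reads master.cf text and reports any smtpd listener that has content_filter disabled but is neither bound to a private address nor restricted with a mynetworks override. The function names, the sample file and the 192.168.1.1 listener address are constructed for illustration.

```python
import ipaddress

# Constructed sample master.cf: normal listener plus the two unfiltered variants.
SAMPLE_MASTER_CF = """\
smtp      inet  n       -       n       -       -       smtpd
:26       inet  n       -       n       -       -       smtpd
  -o content_filter= -o body_checks= -o header_checks=
192.168.1.1:26 inet n - n - - smtpd -o content_filter= -o body_checks= -o header_checks=
"""

def logical_lines(text):
    """Join continuation lines (leading whitespace); drop comments and blanks."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def overrides(args):
    """Collect '-o name=value' overrides from the smtpd arguments."""
    pairs = (v.partition("=") for f, v in zip(args, args[1:]) if f == "-o" and "=" in v)
    return {name: val for name, _, val in pairs}

def audit(text):
    """Return (service, reason) for unfiltered smtpd listeners left exposed."""
    findings = []
    for line in logical_lines(text):
        fields = line.split()
        if len(fields) < 8 or fields[1] != "inet" or fields[7] != "smtpd":
            continue
        opts = overrides(fields[8:])
        if opts.get("content_filter") != "":
            continue  # filtering is not disabled on this listener
        host = fields[0].rpartition(":")[0].strip("[]")
        try:
            internal = ipaddress.ip_address(host).is_private
        except ValueError:
            internal = False  # no host part or a hostname: assume all interfaces
        if not internal and not opts.get("mynetworks"):
            findings.append((fields[0], "unfiltered; needs firewall rule, private bind or mynetworks"))
    return findings
```

A listener reported here is not necessarily wrong, since the firewall rule described above is invisible to master.cf; the report tells you which services depend on that rule.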