Re: SPF support in opendkim?
On Sat, Aug 13, 2011 at 9:58 AM, Alessandro Vesely <vesely_at_tana.it> wrote:
> On 12.08.2011 01:20, Murray S. Kucherawy wrote:
>>> -----Original Message-----
>>> From: Steve Fatula [mailto:compconsultant_at_yahoo.com]
>>> Sent: Thursday, August 11, 2011 2:54 PM
>>> To: Murray S. Kucherawy; Opendkim
>>> Subject: Re: SPF support in opendkim?
>>>
>>> On higher volume postfix servers, all those processes being separate
>>> significantly reduces emails per hour one can handle.
>>
>> I'd like to see some data to back that up. In the analysis I've done,
>> both of them spend most of their time waiting for DNS replies, not
>> cranking through analysis steps or talking back and forth with postfix.
>> And if that's true, then combining the two into one won't save you much of
>> anything in the long run; the I/O delay of having to talk to two filters
>> instead of one will be noise compared to how long you're waiting for DNS
>> servers on far away networks to answer your queries for SPF policies and
>> DKIM keys.
>
> Although I cannot produce supporting data, I have the same hunch that DNS is
> the bottleneck. An SPF filter which does not reject right away on failures
> can start queries at an earlier SMTP stage than DKIM, and thus take less time
> for each message. Consider an SMTP extension that provides for declaring
> DKIM's domain(s) and selector(s) before sending DATA. Could that better the
> throughput noticeably?
>
> Just conjecturing...
For high volume mailers, the easiest way to speed up Postfix delivery
is to install a local recursive DNS cache/resolver. I recommend
Unbound. Sub 5-minute install and configure. Give it a shot.
SteveJ
Received on Sun Aug 14 2011 - 17:58:01 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:20:19 PST