[TriLUG] sendmail vs. postfix - was Re: stupid sendmail question?

Jason Tower jason at cerient.net
Wed Jun 16 19:48:10 EDT 2004 

> Just to throw more information on the fire, erm... umm...  anyway...
>
> The verify feature (straight from the man page):
> >*BUGS*
> >       The  address  verification  service  is  suitable only for
> >       sites that handle a low mail volume.  Verification  probes
> >       add  additional  traffic  to  the  mail  queue and perform
> >       poorly under high load.  Servers may blacklist sites  that
> >       probe excessively, or that probe excessively for non-exis-
> >       tent recipient addresses.

since we're only restricting incoming mail, all probes are to our own 
mail server, so this is not an issue.  and while our volume is not as 
high as intrex's, the gateway box receives about 100k messages a day 
without breaking a sweat.

in any case, it sure beats the hell out of *not* using verify.  without 
it the gateway would accept all mail for the permitted domains and try 
to forward them to the next hop smtp server after amavis is through 
with them, which would then bounce and fill the queue (they bounce 
because of dictionary-type spam floods, so 98% of the recipients are 
invalid).  a local lookup table would help alleviate this, but that 
requires constant synchronization (best case) or is flat out impossible 
for one reason or another (worst case).

> >
> >       If the persistent database ever gets  corrupted  then  the
> >       world  comes  to  an end and human intervention is needed.
> >       This violates a basic Postfix principle.

that's why i cross my fingers before going to sleep each night :-)  
until every piece of software on the planet is totally bug free i'm not 
terribly worried about my sysadmin duties being outsourced to india.

> Venema is often overly-cautious, especially with new features, and it
> may not be so bad after all.  Personally, I'm interested in playing
> with the feature, and I've been setting up a test box earlier today
> for precisely that purpose.  But you have to admit, the warning is a
> bit dire.  :)

beats not getting a warning at all.  you think MS tells you up front 
about every feature of exchange that isn't 100% perfect?  honesty is 
the best policy.

jason

More information about the TriLUG mailing list