Postfix SMTP connection cache tagging

Looking at Noel's reply to a connection caching question, I realized
(once again) that the cache is shared among all SMTP clients, even
across SMTP clients of mail delivery transports.

That is a good thing from a connection reuse perspective. It can,
however, have an unexpected result when different SMTP transports
have different smtp_bind_address settings. This is done, for example,
to give different mail streams a different client IP address so that
their reputations are "separated".

The way that Postfix currently implements connection reuse, it is
possible that different mail streams become mixed.

A possible solution is that an SMTP client tags the connection cache
with smtp_bind_address information (if non-default) so that it can
be taken into account when searching the connection cache.



Re: Postfix SMTP connection cache tagging

By Wietse Venema at 04/01/2012 - 10:24

Wietse Venema:
This is not what happens. The SMTP delivery agent prepends its own
service name (the first field in to the name of every
connection cache entry.

(This is easily verified by setting "scache -v" in, and
by comparing the logging with "default_transport=smtp" with the
logging of "default_transport=relay").

There is, therefore, no "leakage" of cached sessions from one
transport to another transport, and therefore no "violation" of
sender reputation policies.


Re: Postfix SMTP connection cache tagging

By Ben Rosengart at 03/22/2012 - 16:32

On Thu, Mar 22, 2012 at 03:53:23PM -0400, Wietse Venema wrote:
What about other smtp_* settings affecting one-time-only parts of the
protocol, such as smtp_helo_name? We don't RSET and re-HELO after each
transaction, do we?

Re: Postfix SMTP connection cache tagging

By Wietse Venema at 03/22/2012 - 17:38

Ben Rosengart:
I think the simplest solution would be to separate the session cache
entries from different transports, at least by default.

Basically, each transport name specifies a default cache name space
where an SMTP client will store and look up sessions.

If we want so share cached sessions between different transports,
then all one has to do is override the default cache name space,
and specify the same override with all delivery agents that may
share cached sessions.