xs4all enabled DANE outgoing verification

Viktor Dukhovni ietf-dane at dukhovni.org
Tue Sep 4 16:09:24 CEST 2018

> On Sep 4, 2018, at 3:33 AM, Jan-Pieter Cornet <johnpc at xs4all.net> wrote:
> Our current software no longer has that limitation, and we now close the connection 30 seconds after delivery (unless new mail arrives that can reuse the connection).

One off-topic comment on this subject.  Postfix also has
support for connection caching, but uses the feature much
more carefully (on demand):

  1.  Connection caching to a destination is only enabled when
      the queue has more messages to that destination than the
      destination concurrency limit.  In other words, only when
      there are messages waiting for a delivery slot queued behind
      the current message, and so the cached connection is likely
      to get used.

  2.  Cached connections are closed after 2s of idle time, only
      sustained traffic keeps cached connections open.

  3.  Cached connections are closed after ~300s of use.  This
      amortizes connection setup latency when some MX hosts are
      slow.  Sadly some receiving sites limit the number of
      messages per connection (rather than connection duration).
      That's unfortunate, re-use limits by message count don't
      overcome slow MX connection "attractors".

See http://www.postfix.org/CONNECTION_CACHE_README.html#safety

These ensure that connection caching is never seen as "aggressive"
by receiving systems.


More information about the dane-users mailing list