#191 KeyTable/SigningTable MySQL query caching and config parameters to control it
Hi!
I can't find anything useful so, my question is:
Does OpenDKIM cache SigningTable maps when configuration is stored in MySQL database?
Then new entries in the database are seen after opendkim reload is started, or it is reloaded after some time, can this time be controlled in config file?
I asked this because I have a setup like this and I see quite a lot of SELECTs being issued against the database.
So if MTA has to process thousands of emails, then database will be satured with quite a lot of SELECTs and I am looking if these can be cached for some time in any way, my configuration (new entries or updates) does not happen so often ( I guess for most of OpenDKIM users too ).
opendkim.conf
SigningTable dsn:mysql://user:password@host/database/table=domainkeys?keycol=domain?datacol=id
SELECT id FROM domainkeys WHERE domain = 'yyy@domain.com'
Ticket moved from /p/opendkim/bugs/228/
Moved to feature requests queue.
What sort of controls do you envision on the caching?
Maybe x time in seconds/minutes/hours how often it should scan table for new/updated records and recache it (Some db_rescan_interval = 1m). That parameter would be enough for me to control it, but there could also be another way how to send some kind of a trigger from application/cronjob for it to recache or add newly added etry (API like) without disrupting the whole service.
"service opendkim reload" could also be a way to force reload configs, but I am worried in my heavy usage case that milter times out, breaks newly established connections for MTAs and so on, so it would be nice to have.
Idea taken from redis-server
'stop-writes-on-bgsave-error' or selinux 'enforced/disabled'
Another option for controlling the policy maybe could be strict or relaxed. What I have in mind is error exception control so that with this parameter relaxed or strict it would skip only bad entry lines and parse all the rest and still start the service or reload the service successfully. Now it will always fail if some bad entry in table exists printing bad line number. I prioritize the service to keep working with all the good entries with ability to fix bad entry and reload/rescan table afterwards. Because in high usage/availability case time is lost in fixing the bad entry and service not working/errors in that time.
I will put more ideas later if I think of any new ones.
We have this for LDAP, but not SQL. I'll see if I can generalize it.
Ah, finally found it! Any update on this one? Ability to Cache signatures locally when using mysql as backend for SigningTable/KeyTable. So it doesn't saturate mysql with select queries for every email.
Hi,
I would like to ask for BerkeleyDB support if there is any option to reload keytable and signingtable without restarting opendkim? When i update berkeleydb file with new key+value it does not work. I need to restart opendkim. I need dynamic read from database without restarting opendkim. Could you pkease help me?
Best regards!