



****** postfwd1 vs postfwd2 ******

As you might have noticed, there are two different versions of postfwd
available - postfwd(1) and postfwd2. Which version fits best for you depends on
your setup. Both versions use the same ruleset parser*. They also share the
basic command line arguments (use both with --help for details). This allows to
switch easily between them.

The following table might help you to decide which version to use. Basically
you should stick with postfwd1 for the moment unless you encounter performance
issues with dns based checks or very complex rulesets with thousands of checks.
Please note that, due to implementation, rate limits are handled faster by
postfwd1 at the moment. If performance really matters and you use a complex
ruleset with rate limits and lots of dns based checks you should consider
running two instances at different ports/sockets: postfwd1 for the rate limits
and postfwd2 for the rest.

 _____________________________________________________________________________
|______Version|________________postfwd1______|__________________postfwd2______|
|    * Specs  |    * Single process          |    * Multiple processes        |
|             |      (Multiplexer)           |      (Preforker)               |
|             |    * Default port: tcp/10040 |    * Default port: tcp/10045   |
|             |    * Small memory footprint  |    * Scales with multiple cpus/|
|             |                              |      cores                     |
|             |                              |    * Builtin watchdog function |
|_____________|______________________________|____*_Debug_classes_____________|
|    * Usage  |    * Fits for most setups    |    * High throughput setups    |
|             |    * Any single core system  |      with lots of requests per |
|             |    * Rate-limit-only rulesets|      second and                |
|             |                              |          o rulesets that use a |
|             |                              |            lot of dnsbl lookups|
|             |                              |          o really huge rulesets|
|             |                              |            containing tons of  |
|_____________|______________________________|____________checks______________|
|    * *Issues|                              |    * postfwd2 versions below   |
|             |                              |      1.30 do not support       |
|             |                              |      multiple rate limits for  |
|             |                              |      the same item:            |
|             |                              |      # reject on 300+          |
|             |                              |      connections/hour, warn at |
|             |                              |      200+                      |
|             |                              |      id=R01;                   |
|             |                              |      client_address=1.2.3.4;   |
|             |                              |      action=rate               |
|             |                              |      (client_address/300/3600/ |
|             |                              |      REJECT state RED)         |
|             |                              |      id=R02;                   |
|             |                              |      client_address=1.2.3.4;   |
|             |                              |      action=rate               |
|             |                              |      (client_address/200/3600/ |
|             |                              |      WARN state YELLOW)        |
|_____________|______________________________|______	_________________________|
