Consider a high-level view of what happens on a sendmail system that acts as an email gateway. First, an external system opens an SMTP connection with the gateway. The message is sent to the gateway, which writes it to local storage and then acknowledges (and accepts responsibility for) the message. At that point, the sending machine closes the SMTP connection and can delete its own copy of the message. The gateway next opens an SMTP connection to the message's true destination (or perhaps the next hop). It transmits the message to this machine, waiting to hear that the remote machine has accepted the message. At that point, the gateway may close its connection and remove the message from its queue. Of course, the details of this operation are far more complex and have significant ramifications on the performance of the gateway machine. The following list offers additional detail, assuming we're using sendmail version 8.9 or earlier and delivery is being attempted in "background" mode, the default mode in which sendmail is started at system start-up time. After reviewing the items in this list, we will examine which of these steps changed as the sendmail version changed.
Starting with sendmail 8.10, some minor differences occur to the sequence listed above. With this version of sendmail, the queue identifier for a given transaction will be guaranteed to be unique for more than 60 years. Needless to say, no item should stay in a mail queue for that long. Therefore, there is no need to create a qf file to reserve the queue ID, so creating and writing to this file are deferred until just before the MTA acknowledges the receipt of the message. When sendmail runs in background mode (the default case, signified by adding the -bd flag when starting sendmail), this activity does not typically result in the net saving of any I/O operations. Besides the filesystem and network operations described previously, sendmail performs several DNS operations during this exchange. Typically, a reverse DNS lookup is performed on the IP address of the connecting host to check whether that host has permission to connect. Another DNS lookup is performed on the response to see whether a DNS A or IPv6 AAAA record exists that matches the PTR record returned in the previous request. A DNS lookup is then performed on the sender address. Next, a DNS lookup is performed on each recipient address to determine the machine for which the message is destined (it might be destined for the gateway itself) and to canonify the address (replace CNAME records with the host names to which they point). Once the sendmail process attempts to deliver the email message, the destination host is checked in DNS again. Each of these DNS checks of domain names are first checks for MX records, and then checks for CNAME and A records and possibly AAAA records if IPv6 support is enabled. Thus, if MX records for the destination server don't exist, two DNS lookups will be performed. For the typical relayed message bound for a single recipient, at least four DNS checks will occur, each of which may consist of two distinct queries. Matters become simpler if the sendmail server's name server is located nearby. If a DNS server receives a request to answer a query about, say, an MX record, the name server will typically tack on a request to resolve any resource records to which the MX record points, on the theory that the additional information will be requested next. While this procedure doesn't reduce the number of requests between an application and its name server, it does reduce the number of requests sent between the application's name server and the authoritative repository for the DNS information. Communication between a site's DNS server and the rest of the Internet typically occurs much more slowly than communication between the application and its name server, especially if an email server is its own name server. |