docs: record dual-stream implementation status + remaining DNS/prod steps
This commit is contained in:
justin
parent
90d8b94f3f
commit
8c51fa4b99
1 changed files with 35 additions and 0 deletions
|
|
@ -210,4 +210,39 @@ dead practice mailboxes (`550 5.1.1` from a clinic MX still hurts the hc IPs).
|
|||
clean delivery data.
|
||||
- DirectTrust signup to unlock the 242k Direct/HISP segment (separate effort).
|
||||
|
||||
## Implementation status (built + validated)
|
||||
Committed and validated on dev:
|
||||
- **Audience split** — `scripts/healthcare_email_streams.py` (shared classifier)
|
||||
+ reworked `scripts/build_npi_outreach_lists.py` emit
|
||||
`npi_healthcare_institutional/consumer.csv` + `npi_direct_secure.csv`.
|
||||
Verified on May 2026 NPPES: 89,557 institutional rows.
|
||||
- **Postfix hc stream** — `infra/postfix/hc_stream_setup.sh` applied on the app
|
||||
server: ports 2526/2527/2528 -> hcout1/2/3 -> IPs .107/.108/.109 (HELO
|
||||
hcmta01-03). Proven: a send on :2527 egressed via hcout2 (.108) to the real
|
||||
gmail MX; trucking transport_maps (.94-.96) untouched.
|
||||
- **listmonk-hc** — second instance (own `listmonk_hc` DB, own cap), 3 SMTP
|
||||
servers = the 3 hc ports. Proven on dev: listmonk-hc container -> host :2526
|
||||
(hcsubmit107) -> hcout1 (.107) -> real gmail MX.
|
||||
- **Ramp-cap** — `infra/postfix/pw-hc-rampcap.sh` (100->1000/h off
|
||||
`/etc/postfix/hc-warmup-start`), independent of the trucking ramp.
|
||||
- **Deploy wiring** — deploy.sh/deploy-dev.sh bring up listmonk-hc;
|
||||
`docker-compose.dev.override.yml` keeps dev (shared host) from clashing on
|
||||
prod host ports / postgres volume.
|
||||
|
||||
## REMAINING before any healthcare send (manual, needs Justin/DNS)
|
||||
1. **PTR / FCrDNS** for the hc IPs: `.107->hcmta01`, `.108->hcmta02`,
|
||||
`.109->hcmta03` (.performancewest.net). Required or institutional MX will
|
||||
spam/space us. (Currently .107-.109 have `mta18-20` PTR from the trucking
|
||||
pool; repoint to hcmtaNN.)
|
||||
2. **SPF**: confirm `.107-.109` are authorized (they already are in the 20-IP
|
||||
block, but verify after PTR change). DKIM/DMARC are domain-level, unchanged.
|
||||
3. **Install on prod**: create `listmonk_hc` DB + `--install`, configure its 3
|
||||
SMTP servers (commands in deploy.sh header), run `hc_stream_setup.sh` on the
|
||||
prod MTA, install `pw-hc-rampcap` cron.
|
||||
4. **Verify identity** with mail-tester / aboutmy.email from an hc IP (PTR + SPF
|
||||
+ DKIM + DMARC all pass) BEFORE importing the list.
|
||||
5. **Free MX+SMTP verify** the institutional CSV on a non-sending IP, import the
|
||||
verified file into listmonk-hc, send small focused batches (overdue-first).
|
||||
|
||||
|
||||
```
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue