How to setup Varnish with Drupal for high performace? Or moving to Pressflow?

Hello, I have Drupal 5.x site that's under very high traffic, it got half a million page views in the last weekend, and we've started to use Varnish to cache some pages.

We're using the Varnish configuration suggested here with this Varnish module. A quick view of the source code tells me the module just sets a cookie named DRUPAL_VARNISH on login and unsets it on logout.

The idea of this setup is that Varnish will cache and deliver cached pages just for anonymous users, 90% of our traffic are anonymous users.

We have a few problems:

1. One problem we have is that when one user logins he still sees cached pages, even if the DRUPAL_VARNISH cookie is correctly set by the varnish.module.

2. A user logins from the home page and after the login redirection appears on the home page but as an anonymous user, if the user goes to any other page he sees everything as an authenticated user. It seems the user is still seeing the home page cached for anonymous users.

3. A more serious problem is that in certain cases an anonymous user can go to /user and sees the page of some other user, including access to user editing pages and other pages that only that authenticated users should see.

I've seen a few articles about Pressflow, which is working with Varnish, and Josh has created Project Mercury. and I'm wondering if I'm missing some more changes in Drupal, like the changes in headers. Maybe the cached pages I'm seeing are not from Varnish but from the browser. How to confirm? Hard refresh on the browser? Do I need to make Drupal tell the browser to do a hard refresh?

Finally, I'm thinking about Pressflow and Amazon EC2. Can a Drupal 5 site with many custom modules be easily moved to a Pressflow setup?

Thanks for all your ideas.