Re: Problem with postfix and nscd

From: Tony Earnshaw (no email)
Date: Wed Jun 01 2005 - 13:58:24 EDT


    Wed, 01.06.2005 at 13:30, Angel L. Mateo wrote:

    > I have a postfix server with virtual domains and virtual users defined
    > in an LDAP directory (OpenLDAP). I have it all on a Linux server (Debian
    > sarge) with postfix 2.1.5 and with nscd running.
    >
    > I define my virtual users with
    >
    > virtual_alias_maps = ldap:users
    > users_server_host = <my ldap server>
    > users_server_port = 389
    > users_bind = yes
    > users_bind_dn = <my ldap user>
    > users_bind_pw = <my ldap user's password>
    > users_search_base = dc=mydomain
    > users_query_filter = (&(mail=%s)(objectClass=CourierMailAccount))
    > aliases_result_attribute = uid
    >
    > It works correctly, without any problem. Except last night. Last night
    > the nscd process died and since then postfix didn't deliver any message,
    > it bounced all messages with a user unknown error, like this:
    >
    > Jun 1 12:21:06 myotis1 postfix/smtpd[27030]: connect from
    > xenon1.telemat.um.es[172.19.2.1]
    > Jun 1 12:21:14 myotis1 postfix/smtpd[27030]: 82B301600A3:
    > client=xenon1.telemat.um.es[172.19.2.1]
    > Jun 1 12:21:19 myotis1 postfix/cleanup[27033]: 82B301600A3:
    > message-id=<>
    > Jun 1 12:21:19 myotis1 postfix/qmgr[27027]: 82B301600A3:
    > from=<>, size=371, nrcpt=1 (queue active)
    > Jun 1 12:21:19 myotis1 postfix/local[27035]: 82B301600A3:
    > to=<>, orig_to=<>, relay=local,
    > delay=6, status=bounced (unknown user: "amateo")
    > Jun 1 12:21:19 myotis1 postfix/cleanup[27033]: 313261600B2:
    > message-id=<>
    > Jun 1 12:21:19 myotis1 postfix/qmgr[27027]: 313261600B2: from=<>,
    > size=2150, nrcpt=1 (queue active)
    > Jun 1 12:21:19 myotis1 postfix/qmgr[27027]: 82B301600A3: removed
    > Jun 1 12:21:19 myotis1 postfix/local[27035]: 313261600B2:
    > to=<>, orig_to=<>, relay=local,
    > delay=0, status=bounced (unknown user: "amateo")
    > Jun 1 12:21:19 myotis1 postfix/qmgr[27027]: 313261600B2: removed
    >
    > where myotis1.telemat.um.es is the real name of the server and um.es is
    > one of its virtual domains.
    >
    > All this happens while nscd is dead, although the system is still
    > running without any problem. The users are already seen by the system,
    > except postfix.
    >
    > Looking at the ldap logs, I observe that postfix makes a different
    > search depending on whether nscd is running or not. When nscd is running it
    > searches for "mail=<user>@um.es", but when nscd is dead, postfix
    > searches for "mail=<user>@myotis1.telemat.um.es" and then it has no
    > results.

    It's difficult to comment without knowing what you have in your LDAP
    DIT. For example, what does amateo have as mail attribute? What is his
    uid? What is your standard domain for LDAP lookups?

    For me on Red Hat 7.2 to RHAS3 inclusive, nscd is shit and should be
    avoided at all costs. Not only is it unstable, but it ruins all LDAP
    changes. The Nagios folks would not agree, but then who am I?

    > Something more... I am running postfix in a chroot jail.

    No idea. Keith Matthews for that :)

    --Tonni

    -- 
    mail: 
    http://www.billy.demon.nl
    
