From: Victor Duchovni (no email)
Date: Sat Sep 03 2005 - 15:01:33 EDT
On Sat, Sep 03, 2005 at 06:37:22PM +0200, Tony Earnshaw wrote:
> > Use of nss_ldap, nss_nis, ... on mail servers performing local(8)
> > delivery is inadvisable, avoid at all costs (dump the user list) to
> > /etc/passwd or "db" periodically, ... If nss_ldap, ... must be used,
> > provide enough replica servers and sufficiently robust networking to
> > make lookup failure extremely improbable.
>
> Yes. After more than a year running Postfix 2.1.5 on a given RHAS3 site
> and having 1150+ users really hammering OpenLDAP 2.2.17 both with
> ns_ldap and LDAP searches, no problems whatsoever, present uptime 90+
> days (downtimes due to RHAS3 kernel updates).
>
> All Postfix local(8) delivery is local. And no use whatsoever is made of
> nss for LDAP.
>
Things would likely be different had you enabled nss_ldap, in which case
occasional false "unknown" bounces from local(8) or rejects from
smtpd(8) using unix:passwd.byname in local_recipient_maps are to be
expected.
-- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the "Reply-To" header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: <mailto:?body=unsubscribe%20postfix-users> If my response solves your problem, the best way to thank me is to not send an "it worked, thanks" follow-up. If you must respond, please put "It worked, thanks" in the "Subject" so I can delete these quickly.
|
|
|