ldap authentication backup

nicola.piazzi
Posts: 388
Joined: 23 Apr 2015 09:45

ldap authentication backup

Post by nicola.piazzi »

Using this, our eFa is able to get mail for our real Exchange users, rejecting others:
relay_recipient_maps = ldap:/etc/postfix/ldap_relay_recipient_maps.cf

1) If I send to an existing email address and this is correct:
Mail sent successfully

2) If I send to a non-existing email address I get the error:
Error: RCPT TO: <nicola.pizzi@gruppocomet.it> failed '550:5.1.1 <nicola.pizzi@gruppocomet.it>: Recipient address rejected: User unknown in relay recipient table'

3) If there is a configuration error (config file lost, LDAP unavailable, LDAP user password change, ...) it gives a lookup failure:
Error: RCPT TO: <nicola.piazzi@gruppocomet.it> failed '451:4.3.0 <nicola.piazzi@gruppocomet.it>: Temporary lookup failure'

Is it possible to have a DELIVERY (obviously for verified and unverified addresses) in case of LDAP failure?
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: ldap authentication backup

Post by pdwalker »

It doesn't look like it: http://www.postfix.org/postconf.5.html# ... pient_maps

It appears to be an all or nothing matter.

So, your choices are:

1/ make sure your ldap never goes down
2/ have a High Availability ldap setup, either via HAProxy or maybe round robin DNS
3/ configure a second fallback map for when LDAP is not accessible - that could be another LDAP server if you don't like #2.
4/ use user/password smtp authentication
5/ ?
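One way to build the fallback map from option 3/ in the reply above, as an added example that is not part of the thread: turn an LDAP export into a local recipient snapshot, so recipient checks do not depend on a live LDAP query. It assumes the export is LDIF carrying Exchange's `mail` and `proxyAddresses` attributes; the sample data and all function names are constructed for illustration.

```python
import base64

# Constructed sample of an LDIF export (not real data).
SAMPLE_LDIF = """\
dn: CN=User One,OU=Staff,DC=example,DC=com
mail: User.One@example.com
proxyAddresses: SMTP:User.One@example.com
proxyAddresses: smtp:u.one@example.com
proxyAddresses: X500:/o=Example/ou=Exchange/cn=Recipients/cn=uone

dn: CN=User Two,OU=Staff,DC=example,DC=com
mail:: dXNlci50d29AZXhhbXBsZS5jb20=
proxyAddresses: smtp:a.very.long.alias.for.user.two@exam
 ple.com
"""

def recipients_from_ldif(ldif_text):
    """Return the sorted, lower-cased SMTP addresses found in LDIF text."""
    # LDIF folds long lines: a continuation line starts with one space.
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    found = set()
    for line in lines:
        attr, sep, value = line.partition(":")
        if not sep or attr.lower() not in ("mail", "proxyaddresses"):
            continue
        if value.startswith(":"):          # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        value = value.strip()
        if attr.lower() == "proxyaddresses":
            kind, _, value = value.partition(":")
            if kind.lower() != "smtp":     # skip X500, SIP and other address types
                continue
        if value.count("@") == 1 and not any(c.isspace() for c in value):
            found.add(value.lower())
    return sorted(found)

def postfix_map(addresses):
    """Render 'address OK' lines, the text form that postmap(1) compiles."""
    return "".join(f"{a} OK\n" for a in addresses)

def snapshot_is_plausible(new, old, max_shrink=0.5):
    """Reject a snapshot that is empty or lost more than max_shrink of the old entries."""
    return bool(new) and (not old or len(new) >= len(old) * (1 - max_shrink))
```

The rendered text is written to a file, compiled with `postmap`, and referenced from `relay_recipient_maps` as a `hash:` table. The plausibility check keeps a failed or truncated export from replacing a good snapshot, which would otherwise cause valid recipients to be rejected with 550.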