----- "Magnus Bäck" <mag...@dsek.lth.se> schrieb:
> On Saturday, March 14, 2009 at 17:08 CET,
> list-u...@backenhoernchen.de wrote:
>
> > ----- "mouss" <mo...@ml.netoyen.net> schrieb:
> >
>
> Lookup tables are tried in the order specified in the configuration,
> but if any of the tables returns a result OR FAILS, the traversal is
> terminated and that result is returned to the client. That is, given
> the configuration
>
> foo_bar_maps = ldap:/etc/postfix/foo.cf,
> hash:/etc/postfix/foo_backup
>
> the hash table WILL be consulted undr these circumstances:
>
> * The string being looked up isn't found in the LDAP table.
>
> The hash table WILL NOT be consulted under these circumstances:
>
> * The LDAP lookup fails.
> * The LDAP lookup returns OK, REJECT, an email address or
> whatever.
>
So, when i trun around you statemant
foo_bar_maps = hash:/etc/postfix/foo_backup,ldap:/etc/postfix/foo.cf
the hash should alway be asked first and when there ist no matching entry
postfix will ask ldap, which might have newer entries. So i can dump ldap less
often to the hash file.
Using this I will certainly only reduce correct lookups. Since most lookups at
least for mailboxes and aliases will fail the hash file because of SPAM
attempts with random addresses, I probably do not reduce the queries that much.
I just will "only" have the advantage of no 4xx denail when LDAP is down.
> > > Multiple maps support is not meant for fail-over of one map. it's
> > > like if they were concatenanted: if no match is found, move to
> the
> > > next map.
> >
> > Using them as fail-over would really be nice to do and i think
> shoult
> > work.
>
> Okay, but why? If the failover table ISN'T up to date it may provide
> bad results if it's ever used. If the failover table IS up to date,
> why not use it all the time?
You might be right at some point. I is - as always - a question of what you
think is best for your setup. If you have millions of smtp requests a minute,
using a hash file with refreshing it every 5 minutes is probably a good way.
On the other hand a system which does not have as many as 100 requests a minute
an LDAP or MySQL backend data does not change that much, at least domain and
mailbox mappings dumped every hour or so would be fine. Aliases might be
handled different so redirecting mail would take effect faster.
Do you have/know about any documentation on which order mappings are tried. I
believe you but to be certain I'd like to read it in some dev-doc or so.
Thanks,
cv
>
> [...]
>
> --
> Magnus Bäck
> mag...@dsek.lth.se
