Javier Henderson:
> Greetings,
>
> I am trying to configure Postfix to gracefully deal with the
> failure of the LDAP server it uses for alias resolution.
>
> It's working fine, using the LDAP server to resolve u...@domain.com
> to u...@somehost.domain.com, but if the LDAP server dies or becomes
> unreachable for whatever reason, Postfix replies with 5xx error
> codes about the user being invalid.
>
> Is there a way to configure it to return 4xx codes so the remote
> end tries later?
If your LDAP lookup goes through nsswitch.conf, then there is a
10+ year old bug where LDAP lookup failure causes the SYSTEM LIBRARY
function getpwnam() and friends to return that the user does not
exist. Postfix cannot distinguish between false and true error
results.
Wietse
