On Tue, Apr 26, 2011 at 08:44:05AM -0400, Wietse Venema wrote: > That is because the POSTFIX LDAP client queries the LDAP server. > The POSTFIX LDAP client works correctly: when the LDAP server fails > to respond, the POSTFIX LDAP client returns a temporary error. > > > However, for mail that originates on the mail host, e.g. by mail(1), > > when an LDAP outage causes local users to disappear (getent passwd > > username returns no results with exit code 2) local bounces the mail as > > user unknown. While this is not surprising behaviour, it is not the > > desired behaviour, either. > > This is a bug in the SYSTEM NSS LDAP client. The SYSTEM NSS LDAP > client works incorrectly: when the LDAP server fails to respond, > the SYSTEM NSS LDAP client returns a NOTFOUND result.
Yes, exactly so, as I acknowledged further down. However, continuing from my original email: > > I was hoping that setting mailbox_transport_maps to the same LDAP map as > > local_recipient_maps would cause local to tempfail rather than bounce in > > this case. It turns out that it does not. So, no, the local(8) LDAP client does NOT work correctly. -- William Ono <wm...@soundwave.net>
