On Thu, May 26, 2011 at 04:19:56PM -0700, Stephen Ingram wrote:
> Agreed. Here is the postfix log for when the ldap table is used:
>
> May 26 14:48:46 smtp postfix/smtpd[5653]: E8EB7CC056A:
> client=terrapin.penumbra.us[192.168.17.42]
> May 26 14:48:59 smtp postfix/cleanup[5663]: E8EB7CC056A:
> message-id=<20110526194846.e8eb7cc0...@smtp.penumbra.us>
> May 26 14:48:59 smtp postfix/qmgr[5156]: E8EB7CC056A:
> from=<st...@penumbra.us>, size=414, nrcpt=1 (queue active)
> May 26 14:49:00 smtp postfix/smtpd[5683]: disconnect from
> terrapin.penumbra.us[192.168.17.42]
> May 26 14:49:04 smtp postfix/smtpd[5683]: connect from
> scan.penumbra.us[192.168.17.43]
> May 26 14:49:04 smtp postfix/smtpd[5683]: C5DB2CC056C:
> client=terrapin.penumbra.us[192.168.17.42]
> May 26 14:49:04 smtp postfix/cleanup[5663]: C5DB2CC056C:
> message-id=<20110526194846.e8eb7cc0...@smtp.penumbra.us>
> May 26 14:49:04 smtp postfix/qmgr[5156]: C5DB2CC056C:
> from=<st...@penumbra.us>, size=871, nrcpt=1 (queue active)
> May 26 14:49:04 smtp postfix/smtpd[5683]: disconnect from
> scan.penumbra.us[192.168.17.43]
> May 26 14:49:04 smtp postfix/smtp[5668]: E8EB7CC056A:
> to=<u...@4test.net>, relay=192.168.17.43[192.168.17.43]:10024,
> delay=30, delays=25/0.04/0/4.9, dsn=2.0.0, status=sent (250 2.0.0 Ok,
> id=24032-10, from MTA([192.168.17.44]:10025): 250 2.0.0 Ok: queued as
> C5DB2CC056C)
> May 26 14:49:04 smtp postfix/qmgr[5156]: E8EB7CC056A: removed
The message "E8EB7CC056A" is delivered without any problems.
> May 26 14:49:04 smtp postfix/error[5684]: C5DB2CC056C:
> to=<us...@penumbra.us>, orig_to=<u...@4test.net>, relay=none,
> delay=0.16, delays=0.13/0.01/0/0.0, dsn=5.0.0, status=bounced (User
> unknown in virtual alias table)
The domain "penumbra.us" is incorrectly matched a virtual alias
domain by the LDAP table.
> And, now when the hash table is used:
>
> May 26 14:55:25 smtp postfix/smtp[5896]: 7FC45CC056C:
> to=<us...@penumbra.com>, orig_to=<u...@4test.net>,
> relay=smtp2.penumbra.us[192.168.17.85]:25, delay=0.79,
> delays=0.13/0.13/0.17/0.36, dsn=2.0.0, status=sent (250 2.0.0 Ok:
> queued as 34E50448037)
This domain is not listed a virtual alias domain in the hash table.
> Also whenever ldap is used to lookup the domain, it reports only
> finding one entry:
No, it finds additional entries.
> so I don't think the ldap queries are matching other domains.
And yet they do.
> Like you
> say, unless postfix performs the name rewrite differently when an ldap
> lookup is used,
At the key/value layer, all lookups work the same way for all table
types. The partial key selection is different for regexp tables, but
this is not relevant here.
> But given that only one result is obtained with
> each lookup, I can't imagine what could be the difference.
The difference is that "penumbra.com" is matched by the LDAP table.
--
Viktor.
