Hi Brett, yes 4.3.5 is really an error, but when a valid user is found no error is returned.
Such problem arise since ldap return 32: No such object. [root@mail2 openldap]# postmap -q barb...@igi.cnr.it ldap:/opt/trend/imss/OpenLDAP/etc/openldap/myBad.cf OK barb...@igi.cnr.it [root@mail2 openldap]# postmap -q bar...@igi.cnr.it ldap:/opt/trend/imss/OpenLDAP/etc/openldap/myBad.cf postmap: warning: dict_ldap_lookup: /opt/trend/imss/OpenLDAP/etc/openldap/myBad.cf: Search base 'dc=cgprouter' not found: 32: No such object Regards, Paolo. > On 4 Apr 2017, at 10:35, Brett Maxfield <brett.maxfi...@gmail.com> wrote: > > This is not a warning, it is an error, your base might be wrong. your > ldapsearch test would return the same result even if the base was wrong.. try > searching for something that exists.. open yourldap with a ldap gui and cut > and paste the base, or better test your search config file with postmap -q as > that does what postfix does > > server configuration error means the ldap query is failing entirely, not that > the email is not found, so its something that caused the query to fail, a > successful query succeeds but return 0 results, not an error, which is what > you are getting.. > > Cheers > Brett > >> On 4 Apr 2017, at 4:48 pm, Paolo Barbato <paolo.barb...@igi.cnr.it> wrote: >> >> Hi. >> >> I’m using following rules in main.cf >> >> smtpd_recipient_restrictions = permit_mynetworks, check_recipient_access >> regexp:/opt/trend/imss/postfix/etc/postfix/access, >> reject_unauth_pipelining, reject_non_fqdn_recipient, >> reject_unknown_recipient_domain, reject_unauth_destination, ldap:ldaprfx, >> reject >> >> where ldaprfx is configured with >> >> ldaprfx_server_host = xx >> ldaprfx_search_base = dc=cgprouter >> ldaprfx_query_filter = mail=%s >> ldaprfx_result_attribute = mail >> ldaprfx_result_scope = one >> ldaprfx_result_format = OK %s >> ldaprfx_version = 3 >> >> I see not existent mail correctly denied with 451, but an error is logged in >> maillog >> >> Apr 3 15:23:04 mail2 postfix/smtpd[11180]: warning: dict_ldap_lookup: >> ldaprfx: Search base 'dc=cgprouter' not found: 32: No such object >> Apr 3 15:23:04 mail2 postfix/smtpd[11180]: warning: ldap:ldaprfx: table >> lookup problem >> Apr 3 15:23:04 mail2 postfix/smtpd[11180]: NOQUEUE: reject: RCPT from >> unknown[xxx: 451 4.3.5 <x...@igi.cnr.it>: Recipient address rejected: Server >> configuration error; from=<xx@xxx> to=<xx@xx> proto=ESMTP helo=<xxx> >> >> Is there a way to avoid ldap warnings ? >> >> Is it expected to see logging "Server configuration error" ? >> >> >> Here what ldapsearch returns: >> >> ldapsearch -v -LLL -hxxxx -b"dc=cgprouter" -x -s one 'mail=notexist@xx' >> ldap_initialize( ldap://xxx) >> filter: mail=notexist@xxx >> requesting: All userApplication attributes >> No such object (32) >> Additional information: unknown user account >> >> Thanks for any hints . >> >> >> Regards, >> Paolo. >> >> >> ------------------------------------------------------------------------------------------------ >> Paolo Barbato >> >> Consorzio RFX >> corso Stati Uniti,4 >> 35127 Padova - Italy >> Network Administrator >> phone: +39 049 8295097 fax: +39 049 8700718 >> ------------------------------------------------------------------------------------------------ >> ------------------------------------------------------------------------------------------------ Paolo Barbato Consorzio RFX corso Stati Uniti,4 35127 Padova - Italy Network Administrator phone: +39 049 8295097 fax: +39 049 8700718 ------------------------------------------------------------------------------------------------
