Viktor, here new ldaprfx.cf
server_host = 150.178.3.89:389 bind=no search_base = mail=%s,dc=cgprouter scope = base query_filter = mail=%s result_attribute = mail result_format = OK %s version = 3 here postmap check [root@mail2 postfix]# postmap -q bar...@igi.cnr.it ldap:/opt/trend/imss/postfix/etc/postfix/ldaprfx.cf [root@mail2 postfix]# [root@mail2 postfix]# postmap -q barb...@igi.cnr.it ldap:/opt/trend/imss/postfix/etc/postfix/ldaprfx.cf OK barb...@igi.cnr.it thats really fine. ....but after inserted ldap:/opt/trend/imss/postfix/etc/postfix/ldaprfx.cf in main.cf an new error come up "warning: dict_ldap_lookup: Search error 1: Operations error " and Server configuration error is there again. ? I've anyway just receive a feedback from CGPro developers that I share as promised: > For 6.2c3 (later this April): > LDAP: search for non-routable address under the dc=cgprouter base now returns > empty result rather than routing error. > > Th request with scope=base still returns error if the address can notbe > routed. Regards, Paolo Il giorno 04/apr/2017, alle ore 18.39, Viktor Dukhovni ha scritto: > >> On Apr 4, 2017, at 12:30 PM, Paolo Barbato <paolo.barb...@igi.cnr.it> wrote: >> >>> For better performance, change "ldap:ldaprfx" to "proxy:ldap:ldaprfx" >> >> Very effective suggestions, although if CGPro developers >> will accept my proposal, I'm confident that I'll be able >> to add CGPro virtual base directly using IMSVA web console. > > When using LDAP in the Postfix SMTP server (smtpd(8)), it > is important to use "proxy:ldap:..." instead of "ldap:..." > when defining LDAP tables. This significantly reduces the > number of concurrent connections seen by the LDAP server. > Many LDAP servers are not prepared to handle hundreds to > thousands of simultaneous connections. > > In some cases you may need to augment "proxy_read_maps" > with the tables you intend to use. > > Recent Postfix versions have a default settings of: > > $ postconf -fd proxy_read_maps > proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps > $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains > $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps > $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks > $smtpd_sender_login_maps $sender_bcc_maps $recipient_bcc_maps > $smtp_generic_maps $lmtp_generic_maps $alias_maps > $smtpd_client_restrictions > $smtpd_helo_restrictions $smtpd_sender_restrictions > $smtpd_relay_restrictions $smtpd_recipient_restrictions > > which covers all the tables listed in the various restriction lists. > > -- > Viktor. > ------------------------------------------------------------------------------------------------ Paolo Barbato Consorzio RFX corso Stati Uniti,4 35127 Padova - Italy Network Administrator phone: +39 049 8295097 fax: +39 049 8700718 ------------------------------------------------------------------------------------------------
