From: aio shin (aioshingmail.com)
Date: Thu Sep 20 2007 - 08:37:35 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 9/18/07, Wietse Venema <wietseporcupine.org> wrote:
> aio shin:
> > Ok, just a while ago, I upgraded the postfix to
> > postfix-2.3.12-1.rhel4.i386.rpm which I got from
> > http://postfix.wl0.org/ftp/official/2.3/RPMS-rhel4-i386/ , then do
> > some checking on the config, there's no changes since I did an rpm
> > -Uvh, then restarted postfix. I then try to send to our distribution
> > list and then I got 800 + undelivered messages due to false unknown
> > users. What is should I have to do next? (note: am doin it now on a
> > live system, so whenever I send to the list, it really affected the
> > mail system.)
>
> Postfix uses the getpwnam() SYSTEM LIBRARY routine to find out what
> users exist. getpwnam() then invokes the SYSTEM LIBRARY's PAM
> helper for LDAP.
>
> When the SYSTEM LIBRARY's PAM helper for LDAP handles database
> errors as "user not found", then no amount of Postfix reinstalls
> will slve the problem.
>
> Unless you are willing to fix the PAM helper for LDAP to not return
> "user not found" inappropriately, the best you can do is to provide
> a database that doesn't drop requests. Look in your LDAP server
> error logs, maybe it is trying to tell you something.
>
> Wietse
> >
> >
> > On 9/18/07, aio shin <aioshingmail.com> wrote:
> > > I'm getting my password file thru the ldap local service, which is via
> > > pam. Im not getting something like this on my previous box, Its just
> > > recently when I changed the machine to a higher specs ( which could
> > > not be the factor). Anyway, Im running centos 4.5 on it, while on my
> > > previous box, its centos 4.4. so, I might need to update the postfix
> > > if available.. I'll post if updating will fix it.
> > >
> > > Thanks!...
> > >
> > > On 9/18/07, Wietse Venema <wietseporcupine.org> wrote:
> > > > aio shin:
> > > > > Helo postfix users,
> > > > >
> > > > > I dont understand, its getting wierd, I have set the
> > > > > unknown_local_recipient_reject_code = 450 but still I got unknown user
> > > > > error from those legit users on my mail server. I observed that it
> > > > > usually happened when someone send an email to our distribution group
> > > > > which the usual number of members that should be local recipient goes
> > > > > to 200 or more.
> > > >
> > > > Are you using the UNIX password file for local users, or are you
> > > > using something that involves LDAP, SQL or some other database
> > > > service?
> > > >
> > > > It is possible that these report false "user unknown" under conditions
> > > > of high load. Usually the bug is that the system library incorrectly
> > > > reports failed database access as "user not found".
> > > >
> > > > Wietse
> > > >

I tried this

Example: local(8) aliases

Here's a basic example for using LDAP to look up local(8) aliases.
Assume that in main.cf, you have:

    alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases.cf

and in ldap:/etc/postfix/ldap-aliases.cf you have:

    server_host = ldap.example.com
    search_base = dc=example, dc=com

and it succesfuly query the ldap database, which reduces the number of
false unknown users, maybe due to the numbers of local recipient being
sent to which cause the problem, or maybe other causes with the system
which I dont know yet. anyway, thanks... I saw from google a post of
yours that mentioned the LDAP_README...

Really thanks for those who gave time to reply.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]