tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: mail.local NSS awareness

On Wed, Apr 30, 2008 at 11:08:50AM +0200, Manuel Bouyer wrote:
> Do all MTAs check that the local user exists before calling mail.local ?

Well I assume that there would have been widespread complains if that
was not the case.

> Hum, in light of this I don't understand your problem any more
> (I mean, I see the benefit of having mail.local handle nss failures
> gracefully, but I don't understand how you did run into it).
> If the MTA checks that the user exists, if there's a LDAP failure
> it should fail the message before calling mail.local, isn't it ?

Chaos starts if you have network outage or overloaded LDAP server: 
you can easily reach the situation where MTA can look up the user
successfully, and mail.local gets a failure. The situation is rare,
but it can happen. With current mail.local behavior, the mail is 
silently discarded, which is extremely bad.

Emmanuel Dreyfus

Home | Main Index | Thread Index | Old Index