[Dovecot] resilience suggestion
Chris Wakelin
c.d.wakelin at reading.ac.uk
Fri Feb 9 10:59:10 UTC 2007
David Lee wrote:
> We're running dovecot on Fedora Core 5 (FC5), with passwd map details
> supplied by NIS. We have found that "nscd" sometimes thinks that a
> username is invalid, even though it is valid. So when "deliver" attempts
> a delivery to the INBOX of that username, it receives "user unknown" from
> the name service, and then does a 5xx permanent failure of valid email.
>>From the user perspective "The System" has incorrectly rejected perfectly
> valid incoming email. It is rare, but it does occasionally happen on
> large, busy systems.
>
We don't use "deliver" (just use Exim) but we build a static passwd-file
userdb from NIS overnight and use PAM for authentication (via pam_ldap
to Active Directory, but it works with pam_unix too). We did this for a
performance boost as Dovecot then caches the userdb, rather than having
to wait for a NIS lookup each time, but I'd expect it to iron out
problems with deliver/nscd as well. While the passwords could change any
time, userdb information generally doesn't happen that often, and it
only takes a few seconds to rebuild manually if a new user has to be
added quickly.
Chris
--
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin, c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
More information about the dovecot
mailing list