Author: michael Date: To: exim, sysadmin CC: exim-users Subject: Re: [Exim] database lookups & cdbs
> > Would it seem sensible therfore that as a general rule anyone wanting to do > > lookups (NIS, LDAP or other, etc.) for variables like "local_domains" should
> > really generate a cdb file from their master database periodically and
> > atomically move the new cdb to replace the existing cdb?
>
> Absolutely. As another poster said earlier it has huge advantages in terms of
> your system's resilience to parts of it being down.
I disagree. The big advantage of directory services is that a change
instantly has an effect. When people modify their POP3 password,
a cached password would be very confusing.
> This method means that is your LDAP or SQL is down you mail keeps flowing,
> sure you probably cannot bring new accounts online but at least you are not
> flat on your face.
>
> Centralised solutions look good on paper with one database feeding all the
> information out for the whole enterprise, the downside is that, if that
> central database isn't there neither is anything else.
That's what replica servers are good for. I use a local replica server
on each mail system node. Besides redundancy, it improves performance.
OpenLDAP replication works very well. I have a local caching only name
server on each node for the same reason.